Privacy Policy

Last updated: April 23, 2026. This policy describes how Guidly ("we", "us") handles personal data when you use our websites, marketing pages, and the Guidly product. Processing is subject to EU GDPR and to Bulgarian personal data law where applicable.

Who we are

Guidly is developed by the same team as Bulgarit. Privacy, commercial, and company-formation coordination for Guidly go through contact@bulgarit.com (Bulgarit). When Guidly's Bulgarian trading company is registered in the Commercial Register, we will add its legal name, Unified Identification Code (UIC), and registered address here and on About—the company will typically act as data controller for Guidly thereafter.

Under the GDPR and Bulgarian law (including the Personal Data Protection Act), whoever determines why and how personal data is processed must be identifiable. Until registration is complete, the controller may be the natural person(s) operating Guidly; you can still exercise all applicable rights at the email above, and we respond within GDPR timelines (usually within one month, extendable where the law allows).

Who this applies to

This policy applies to visitors of Guidly web properties, trial users, paying customers, and anyone who interacts with our services where we act as a data controller. Where Guidly processes data on behalf of a customer (for example, end users of a customer's product), our customer is responsible for their own notices; we describe processor commitments in our agreements and security materials.

Data we may collect

  • Account and billing: name, email, and organization for accounts. If we introduce paid plans, payment-related information will be handled by a payment processor—we do not intend to store full card numbers on Guidly servers.
  • Product usage: technical logs, configuration, and usage needed to operate, secure, and improve the service.
  • Support and contact: information you send when you email us or submit forms (including the contents of your message).
  • Marketing site: essential cookies for security and session continuity where needed, and optional analytics or similar technologies depending on how the site is configured. You can use browser controls to limit non-essential cookies; essential cookies may still be required for core functionality.

Why we use data

We use personal data to provide the service, authenticate users, bill customers, respond to requests, comply with law, secure our systems, and improve Guidly in line with legitimate interests and—where required—your consent.

Legal bases (EEA/UK and Bulgaria)

Where GDPR applies (including for users in Bulgaria and the wider EEA), we rely on appropriate bases such as contract (to deliver the service), legitimate interests (security and product improvement, balanced against your rights), legal obligation, and consent where we ask for it explicitly.

Retention

We retain data only as long as needed for the purposes above, including legal, tax, and accounting requirements. Retention periods can vary by data category; contact us for specifics related to your account.

Sharing

We use infrastructure and subprocessors (for example hosting, email, analytics, and payments) that help us run Guidly. We share data with them under contracts that require appropriate safeguards. We do not sell your personal information. A current list of subprocessor categories (and providers where appropriate) is available on request for customers performing diligence—contact us at the address below.

Business customers (processors)

Where Guidly processes personal data on behalf of a business customer (for example, end users interacting with an embedded widget), our customer is typically responsible for their relationship with those individuals; we offer appropriate data-processing terms for enterprise agreements where required by law.

International transfers

Your data may be processed in countries outside where you live. Where required, we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms.

Security

We implement administrative, technical, and organizational measures designed to protect personal data. No method of transmission or storage is 100% secure; see also our Security page.

Your rights

Depending on your location, you may have rights to access, rectify, erase, restrict, or object to certain processing, and to data portability. To exercise rights, contact contact@bulgarit.com.

You may lodge a complaint with a supervisory authority—for Bulgaria this is the Commission for Personal Data Protection (CPDP); elsewhere in the EEA, with the authority where you live or work. This does not affect your right to seek a judicial remedy.

United States (California and similar states)

If you are a California resident, you may have rights under the CCPA/CPRA, including to know, delete, and correct certain personal information, and to opt out of certain types of sharing. We do not sell personal information for money, and we do not share personal information for cross-context behavioral advertising as defined under California law. To submit a privacy request, contact contact@bulgarit.com. Residents of other U.S. states with comprehensive privacy laws may have similar rights; we honor applicable requests where required by law.

Children

Guidly is not directed at children. We do not knowingly collect personal information from children under 13 (or under 16 where a higher age applies in your jurisdiction, such as certain EEA countries).

Changes

We may update this policy from time to time. We will post the updated version on this page and adjust the "Last updated" date.

Contact

Privacy questions: contact@bulgarit.com.