We take care of the protection of your personal data

Who are we? 
Who are we? Identification of the personal data controller and the personal data protection official in Toplofikacia Sofia EAD.

„Toplofikacia Sofia" EADis a commercial company registered in the Commercial Register at the Registry Agency with UIC 831609046, with registered office and address of management: Sofia, 23 B Yastrebets Str. and is a personal data administrator in accordance with the provisions of the Law for the protection of personal data. 

How to contact us?
Address: Sofia, 23 B Yastrebets Str.; mail: personaldata@toplo.bg 

Toplofikacia Sofia EAD respects the confidentiality of your personal data.

The protection of your personal information throughout the process of personal data processing, as well as the security of all business data, is important for us. We process the personal data collected during your visit to our website, confidentially and in accordance with legal provisions at national and European level. 

Data protection and information security are included in our corporate policy. 

What is the Security Policy and Privacy Policy?

This security policy aims to provide you with comprehensive information in clear and accessible language about what actions are performed with the personal data you provide to Toplofikacia Sofia EAD (hereinafter referred to as Toplofikacia) including: 

- What personal data do we collect about you?
- What is the purpose of their collection?
- For how long do we store the provided personal data?
- Who do we share your personal information with?
- How do we notify you of a change to our Security Policy?
- What types of cookies do we use to make your stay on our website better?
- What are your rights regarding the personal data provided? 

With this Security Policy Toplofikacia Sofia EAD declares that it applies all technical and organizational measures for the protection of personal data of individuals, which are prescribed by law or other normative act at national and European level. 

What is personal data?
Any information and data that can identify an individual, directly or indirectly.
Thus e.g. indirect identification is your mobile phone number. Direct identification is achieved when you provide a unique identifier such as Identification number, customer code and more. 

What personal data does Toplofikacia Sofia EAD collect for you? 

In order to provide you with effective access to our products / services, TOPLOFIKATCIA collects the following information about you:
 - Name, surname, telephone, e-mail, location, address, bank account details, subscriber number, etc. when filling out the various forms posted on our website. 
- Last four digits from personal identificator, Installation number, Contract account number - when registering in My portal;
- Technical data that is automatically sent to us when you use the site;
- IP address, information about the device from which you visit the site;
- Cookies to identify your browser or device.

Basen on what Toplofikacia processes your personal data?

The processing of personal data includes the collection, storage, transmission, correction, updating, deletion, destruction and all other actions that are performed with your personal data. 

TOPLOFIKACIA collects your personal data in order to fulfill its contractual obligations under contracts concluded with you for the provision of services - on a contractual basis. 

TOPLOFIKACIA collects personal data and after obtaining explicit, clear, free and unambiguous consent from you for the purposes of processing. For example, for marketing purposes and receiving newsletters.

Consent to the processing of your personal data is provided upon a visit to our office.

The consent you provide can always be revoked by visiting one of our offices.

TOPLOFIKACIA processes personal data and in fulfillment of legal obligations, as if necessary in order to protect the life and health of the natural person to whom the data relate. 

TOPLOFIKACIA may also process personal data in the event that there is a legal (legitimate) interest, except when the interests of the natural person to whom the data relate take precedence over these interests.

For what purposes do we collect your personal data?

The personal data received from you will be used so that we can fulfill our obligations to you, as well as to help fulfill your rights, including, but not limited to:
- To provide you with the services/products offered by TOPLOFIKACIA ;
- In order to provide you with access to our web page, for this purpose we show you content that is relevant, personalized and limited according to the criteria set by you;
- To answer your questions, opinions and recommendations;
- To send you information related to special campaigns and our new products and services.

In addition to the above, we have a legal interest in collecting your personal data, because without them we cannot provide you with the service / product you are interested in. Also for fulfillment of legal obligations and protection of a legitimate interest, unless the interests of the person have an interest before him.

How do we process your personal data?

To provide products and services, TOPLOFIKACIA processes (collects) the personal data provided by you regarding the physical, economic, social and family identity in the following ways:

 - by completing applications, forms and declarations provided to you by employees of TOPLOFIKACIA . The forms are provided and filled in at our Offices in case you request a provision of services;
- by visiting the web portal for using the services of our web page;
- when updating data at your request and filling in an update form on paper or in electronic environment; 

How long do we store and process your data before we destroy it? 

Depending on the basis of which processing of your personal data, the period of storage of personal data is different.

Your personal data is stored by us for a period of 5 years from the termination of the contract / elimination of the grounds on which the data were originally collected and in case the contractual obligations are fulfilled, if we process personal data to fulfill contractual obligations to you. After the expiration of this period and in the event that there is no legal basis for the continued storage of your personal data, the information about you is destroyed. 

To whom can we transfer the personal data provided by you? 

TOPLOFIKACIA undertakes not to provide your personal data without your explicit consent to third parties, except when necessary to fulfill contractual obligations. 

It is possible for fulfillment of undertaken obligations under contractual and / or pre-contractual relations  TOPLOFIKACIA to disclose your personal data to the following persons:
- Courier companies;
- Share distribution companies;
- Companies collecting amounts;
- The company that supports the call center 

Are there other cases in which we may share your personal information?

Your personal data is also provided to third parties in the following cases:
- At the request of the natural person who provided the data, a subject of personal data protection;
- At the request of competent authorities in accordance with the current legislation of the Republic of Bulgaria and the European Union. 

In all the above cases, the persons to whom we provide your personal data have declared that they provide an adequate level of protection of your personal data, including foreign companies positioned within the EU and the EEA. In the case of companies located outside the EU and the EEA, on a case-by-case basis, the company concerned shall ensure that it provides an adequate level of protection of personal data, in compliance with the requirements of European law. 

What are your rights regarding the personal data provided? 

In compliance with Bulgarian and European legislation, including Regulation (EU) 2016/679 of the EU and the Council (General Regulation on Personal Data Protection - GDPR) on personal data protection, you can exercise the following rights:
- The right to access the personal data that TOPLOFIKACIA processes for you and to receive a copy of them;
- The right to ask TOPLOFIKACIA for correction in case you find inaccuracies or the need to update your personal data.
- The right to request the blocking of your personal data or the restriction of the processing of personal data, in the cases specified by law and the Regulation;
- Right to request deletion, ie. deletion of your personal data from ....., in case the conditions for this are met.
- The right to object to the processing of your personal data for the purposes of direct marketing;
- The right to object to the provision of your personal data to third parties;
- The right, when you wish, to withdraw your consent for your personal data to be processed for the purposes for which you have given your consent, for example for marketing;
- The right to request the portability of your personal data in a structured, machine-readable format that is commonly used;
- The right to file a complaint or a request for protection of your rights before the Commission for Personal Data Protection, in case the prerequisites for that are present; 

You can exercise all rights at any time during the processing of your personal data. 

What does each of the above rights mean? 

Right of access to personal data. 

This right allows you to obtain information about the data that identifies the controller and his representative, the purposes of the processing of personal data, the recipients or categories of recipients to whom the data may be disclosed, data on the mandatory or voluntary nature of the data and the consequences from refusal to provide them, as well as information about the right of access and the right to correct the collected data.

 The data shall not be provided when the person to whom they relate already possesses them or there is an explicit prohibition in law to provide them.. 

Right to delete, access, correct, block 

The right at any time to ask the administrator to delete, correct or block personal data, the processing of which does not meet the requirements, as well as the right to ask the administrator to notify third parties to whom personal data have been disclosed of each deletion, correction or blocking which has been carried out, except in cases where this is impossible or involves excessive effort; 

Right to object

Right to object to the administrator against the processing of personal data of the individual in the presence of a legal basis for this, as well as against the processing and disclosure to third parties of your personal data for the purposes of direct marketing. You have the right to be notified before your personal data is first disclosed to third parties or used on their behalf for direct marketing purposes, and you have the right to object to such disclosure or use. 

Right of portability

When personal data is processed automatically, you have the right to receive the personal data relating to you that you have provided to the administrator in a structured, widely used, machine-readable and interoperable format and to transmit them to another administrator.

This right should apply where the data subject has provided the personal data on his or her own consent or the processing is necessary due to a contractual obligation. The law should not apply where the processing is based on a legal basis other than consent or contract. By its very nature, this right should not be exercised in respect of data administrators in the performance of their public duties. Therefore, this right should not apply where the processing of personal data is necessary to comply with a legal obligation to which the controller is subject, or to perform a task in the public interest, or in the exercise of official authority conferred on the administrator. The right of the data subject to transmit or receive personal data relating to him does not impose an obligation on administrators to adopt or maintain technically compatible processing systems. Where more than one data subject is affected in a given set of personal data, the right to receive personal data should not affect the rights and freedoms of other data subjects in accordance with this Regulation.  

The right to submit a complaint or request to the Commission for Personal Data Protection 

In case of violation of your rights, you have the right to refer to the Commission for Personal Data Protection within one year of learning of the violation, but not later than five years from its commission. In case of violation of your rights, you have the right to appeal against the actions and acts of the administrator in court or before the Supreme Administrative Court. The court cannot be seised if there is pending proceedings before the Commission for the same violation or a decision on the same violation has been appealed and no court decision has entered into force. 

Changes to Security Policies - (Privacy Notice) 

For all changes in these Privacy Policies, we declare that we will notify you through the company's website.  

This will give you the opportunity to stop using some or all of the services and/or to use your rights, some of which are expressly stated above. In addition, we will take all possible measures to inform in case of changes in the protection of personal data by placing messages in the offices and on the web portals of TOPLOFIKACIA . 

These privacy policies have also been adopted in force by Toplofikacia Sofia EAD on 23.05.2018.

Cookie Policy


Cookies are small text files that are saved on your computer when you visit our website. If you access this website at another time, your browser sends back the contents of the cookies and thus allows the terminal device to be re-identified. Reading cookies allows us to design our website optimally for you and makes it easier for you to use it. 


The browser allows you to delete all cookies at any time. 


Certain cookies are required in order for us to securely provide our services through our website. This category includes:
• Cookies that identify or authenticate our users;
• Cookies that temporarily store certain user data (eg online form content);
• Cookies that store certain user preferences (eg search settings or language settings);
• Cookies, which store data to ensure the smooth playback of video or audio content. 


We use analytics cookies to record user behavior (eg, click on ad banners and enter search queries) and statistically evaluate these actions. 


We need statistical information about the use of our website to make it more accessible, to measure the scope and to do market research. For this purpose we use the web analysis tool GOOGLE ANALYTICS. The user profiles created by these tools using analytics cookies or by evaluating log files do not contain personal data. 

You can object to the collection and processing of your data by downloading and installing a browser plug-in from the following link: http://tools.google.com/dlpage/gaoptout?hl=en


The website may contain links to other sites or embedded content from third parties (for example, Facebook, YouTube, etc.). When you visit these other sites or open pages that contain embedded third-party content, it is likely that third-party cookies may be placed on your end device. 

"TOPLOFIKACIA" there is no control over the generation and management of "third party cookies". For more information about the purpose for which third-party cookies are used and their content, please search for and review the privacy and cookie policies adopted by the third parties concerned.  

Most public browsing programs (browsers) by default allow the placement of cookies on the end device. If you prefer, you can change your browser settings in such a way that existing cookies are deleted, or the placement of cookies (including "third-party cookies") is automatically blocked. Please note that if you choose to delete or block cookies, this may affect the accessibility or functionality of this website.  

More information about cookies, including the ability to manage them, can be found on the following website: http://www.allaboutcookies.org/manage-cookies.

By visiting our website and portal, you agree to the use of cookies in accordance with the terms of this Privacy Policy.

The site is protected by Google reCaptcha. You can get acquainted with theirs Confidentiality and Conditions.