Who we are What we do

Privacy Policy

IIntroduction

With this policy, we seek to inform you on the processing of personal data that we collect in connection with our activities. Personal data encompasses any information relating to an identified or identifiable natural person, including, for example, name, address, email address, or telephone number. Information that does not permit the identification of an individual – such as aggregated website user statistics – does not fall within this scope.

Most of our services may be accessed without any form of registration. We fully respect and safeguard the privacy of all users of our website, job applicants, as well as visitors to our premises. This privacy policy sets out the principles and conditions governing the processing and use of personal data collected during your visit or use of our website or during your presence on our premises. We invite you to review this privacy policy for detailed information regarding the processing and use of your personal data.

Basic concepts for a better understanding of this policy

“Personal Data,” for the purposes of this policy, refers to any information that identifies or can be used to identify a living individual, whether on its own or in combination with other information.

“Processing of personal data” of a user means any operation or set of operations performed on personal data or a set of personal data, whether by automated means or otherwise. Such operations include, but are not limited to, the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission or dissemination, making available in any form, alignment or combination, restriction, erasure, or destruction of the data.

“Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided by such Union or Member State law.

“Consent of the data subject” means any freely given, specific, informed and unambiguous indication of the data subject’s will by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

“Data processor” means a natural or legal person, public authority, agency or other organization, that processes personal data on behalf of Telelink Business Services Group AD.

“Third Party” means a natural or legal person, public authority, agency or body, other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

“Data subject” means an identifiable natural person who can be identified, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier, or by one or more factors specific to that natural person’s physical, physiological, genetic, mental, economic, cultural, or social identity.

“Applicable law” means the legislation of the European Union and of the Republic of Bulgaria, which is relevant to the personal data protection (Personal Data Protection Act, etc.);

“Regulation (EU) 2016/679” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), published in the Official Journal of the European Union on 4 May 2016 (OJ L 119, p. 1), as corrected by the corrigendum of 23 May 2018; hereinafter referred to as “the Regulation.”

Purposes of Processing

Telelink Business Services Group AD collects and uses your personal information for the following purposes:

Provision of Requested Services

All of the personal data you fill out in the registration forms, or your profile, is necessary to respond to your needs or the service you have requested, and which Telelink Business Services Group AD provides. In order to provide high quality services online and offline, we need your identification data, whereas their scope varies depending on the type of service requested and the applicable legal requirements.

Lawful basis:

  • Performance of a contract or steps prior to entering into a contract (Art. 6(1)(b) GDPR).
  • Consent of the data subject (Art. 6(1)(a) GDPR).

Types of personal data processed:

  • Identification data (e.g., full name, initials).
  • Contact information (e-mail address, telephone number, address).
  • Any additional data required depending on the specific service and applicable legal requirements.

Retention period:

  • For the period of the provision of the requested service and, where applicable, in accordance with statutory retention requirements.

Marketing Communications and Newsletter Subscription

We may use the personal data you provide to keep you informed about new services, initiatives, events and updates from Telelink Business Services Group AD. You can choose to subscribe to our newsletter. You may withdraw your consent and stop receiving marketing messages at any time, and clear instructions on how to do so will always be included in each communication.

 In addition, for marketing and service-improvement purposes, we may analyze website traffic and user behavior through cookies and similar technologies, as further explained in our Cookie Policy.

Lawful basis:

  • Consent of the data subject (Art. 6(1)(a) GDPR).

Types of personal data processed:

  • Contact information (primarily e-mail address).
  • Data collected through cookies and similar technologies for traffic analysis and behavioral tracking (as outlined in the Cookie Policy).

Retention period:

  • Until consent is withdrawn or until the personal data is no longer necessary in relation to the marketing purposes for which it was collected and processed.

Applications for vacant positions

Through our website and HR platform, we offer a convenient way for you to review current vacancies at Telelink Business Services Group AD and apply for a position of your choice. When you submit your application documents, we process the information you provide, including your personal data, for the purposes of conducting the selection process.

Lawful basis:

  • Consent of the applicant for the processing of their data for recruitment and selection purposes (Art. 6(1)(a) GDPR).

Types of personal data processed:

  • Identification data (name).
  • Contact data (address, e-mail, telephone).
  • Information contained in CVs, cover letters, and other documents voluntarily submitted by the applicant.

Retention period:

  • For a period of six months, commencing on the date of submission of the CV, and for a longer period only upon the provision of explicit consent for extended retention.

Secure Accommodation on company premises

When you visit our premises for a meeting or an event, we kindly ask you to complete a brief registration. The personal data you provide during this process will be used to ensure your safety and to facilitate a secure and smooth experience while on our premises.

Lawful basis:

  • Legitimate interest of the Company to ensure the safety and security of its premises, employees, and visitors (Art. 6(1)(f) GDPR).

Types of personal data processed:

  • Identification data provided during visitor registration (e.g., name, e-mail).
  • Contact information, if required for access or security purposes.

Retention period:

  • Data will be retained for a period of six months following the date of the visit.

Additional Notes on Data Categories

Personal data collected through interacting with the Company’s website or official social media pages (Facebook, Instagram, LinkedIn, Twitter, YouTube, etc.) may also include preferences, comments, or opinions related to Telelink Business Services Group AD activities, campaigns, events, or initiatives, and any other voluntarily provided information.

Who has access to your data?

Telelink Business Services Group AD acts as the controller of your personal data and is committed to maintaining its confidentiality. Access to your data is strictly limited to authorized Company personnel and only to the extent necessary for the performance of their duties, in accordance with their level of competence and authorization. Not all staff have access to all data – access is granted solely based on the relevance of the data to their role.

Your personal data will not be shared, disclosed, or transferred to third parties except as described in this Policy. Subject to applicable legal requirements or with your consent, the Company may share your personal data with third parties who act as joint or independent controllers in the processing of such data.

We may share your personal data with the following entities:

Other companies within the Telelink Business Services Group AD – based on our legitimate interest in supporting the Group’s internal administrative functions and to comply with legal reporting obligations.

Regulatory and public authorities – including national and European administrative bodies, which are entitled by law to request and receive such information, as well as other public authorities in cases provided for by law, in connection with their official duties or legal proceedings.

Companies involved in IT product licensing – to facilitate the proper management and licensing of software and related IT products.

Your rights regarding your personal data

Subject to Bulgarian and European law, including Regulation (EU) 2016/679, you have the following rights in relation to your personal data, processed by Telelink Business Services Group AD:

  • to access and receive a copy of your personal data, processed by Telelink Business Services Group AD;
  • in case of incompleteness or inaccuracy of the data, processed by Telelink Business Services Group AD, your personal data to be corrected;
  • to request your data to be deleted when the below referred conditions are met, and in particular:
    • the objective for which the data was collected has been achieved;
    • you have withdrawn your consent when processing is consent based and there is no other legal basis for processing;
    • your data is being processed illegally, and others;
  • in certain cases, you may require the processing of your personal data to be restricted when:
    • you challenge the accuracy of the personal data for a period that allows us to verify the accuracy of the personal data;
    • the processing is unlawful, however you do not want your personal data to be deleted, but instead require a restriction on their use;
    • Telelink Business Services Group AD no longer needs your personal data for the purposes for which it was collected, but you require it to be retained for the purpose of establishing, exercising or protecting legal claims;
    • you have objected to the processing of your data based on the existence of a legitimate interest in the Company; in cases where your data are processed for legitimate interest (listed above in this notice), you may object to the processing of your personal data on that basis;
  • to exercise your right to data portability and request your data to be provided in a structured, commonly used and machine-readable format;
  • to withdraw your consent when the processing of your personal data is based on consent
  • to file a complaint with the Commission for Protection of Personal Data, where the relevant prerequisites are available, at kzld@cpdp.bg.

Who are we?

Telelink Business Services Group AD is a joint-stock company, leader in the IT services and infrastructure, registered in the Commercial Register of the Registry Agency under UIC 205744019, with registered office and headquarters: Garitage Park, bldg.1, fl.4, 2 Donka Ushlinova str., 1766 Sofia, Bulgaria. In accordance with the applicable data protection laws, Telelink Business Services Group AD acts as a controller of personal data with respect to the personal data of the users of our website, job applicants, as well as visitors to our premises.

How to contact us?

If this policy does not answer your questions or you have any other concern, please contact us directly at the following address: Garitage Park, bldg.1, fl.4, 2 Donka Ushlinova str., 1766 Sofia, Bulgaria, or e-mail: support@telelink.bg, or contact our personal data protection officer: dpodesk@tbs.tech

Entry into force and update

This document is subject to periodic review for relevance and adequacy and is updated as necessary.

Last revision: Rev.02/25-NOV-2025