Yasal Bilgiler
Privacy policy
How Toutatis collects, uses and protects personal data when you visit toutatis.eu, contact us, or use our client portal.
Son güncelleme tarihi: 2026-07-16
How Toutatis collects, uses and protects personal data when you visit toutatis.eu, contact us, or use our client portal.
1. Introduction
Toutatis Limited (“Toutatis”, “we”, “us”) respects your privacy. This policy explains what personal data we process, why we process it, how long we keep it, and what rights you have under the General Data Protection Regulation (GDPR) and applicable national law.
This policy applies to the marketing website toutatis.eu, contact and newsletter forms, live support chat, and links to our separate client portal for subscriptions and billing.
2. Data controller
Controller: Toutatis Limited — IT Solutions & Services
Contact: info@toutatis.eu · +32 485 12 36 33
Toutatis Limited (ТУТАТИС ООД)
OOD (Bulgarian limited liability company)
Registered office: Pine Tree complex, ul. Kosherinata 4/19, 2770 Bansko, Bulgaria
Company ID (EIK): 207559601
VAT: BG207559601
3. Personal data we collect
Depending on how you interact with us, we may process:
- Identity and contact data: name, email address, phone number, company name.
- Message content: enquiries sent via contact or callback forms.
- Newsletter data: email address and subscription preferences.
- Technical data: IP address, browser type, pages visited, timestamps (server logs).
- Support chat data: messages exchanged via our live chat widget, if enabled.
- Client portal data: account email, subscription and billing information when you use our cloud onboarding portal (separate privacy notice may apply to contractual processing).
4. Purposes and lawful bases
We process personal data only when we have a valid legal basis:
- Responding to enquiries — legitimate interest in operating our business and answering requests; pre-contractual steps where relevant (Art. 6(1)(b) and (f) GDPR).
- Newsletter — consent (Art. 6(1)(a) GDPR). You may unsubscribe at any time.
- Callback requests — legitimate interest / pre-contractual steps to call you back at your request.
- Website security and abuse prevention — legitimate interest (Art. 6(1)(f) GDPR), including honeypot and rate-limiting on forms.
- Client portal and cloud services — performance of a contract (Art. 6(1)(b) GDPR) and legal obligations (Art. 6(1)(c) GDPR).
- Legal compliance — where required by applicable law.
5. Retention
Contact and callback messages are kept for up to 24 months unless a longer period is needed for an ongoing project or legal claim.
Newsletter data is kept until you unsubscribe, then suppressed from active mailing lists.
Server logs are typically retained for up to 90 days for security and troubleshooting.
Contract and billing records for clients are retained as required by tax and commercial law.
6. Recipients and subprocessors
We do not sell personal data. We share data only with trusted providers who help us operate our services, under data processing agreements where required:
- European hosting infrastructure (EU/EEA data centres) — website and application hosting.
- Email delivery infrastructure — to send replies and transactional messages.
- Chatwoot (if live chat is enabled) — support conversations hosted in the EU/EEA where possible.
- Stripe — payment processing for cloud subscriptions via the client portal.
- Professional advisers — lawyers or accountants when strictly necessary.
7. International transfers
We prioritise hosting and subprocessors in the European Union / European Economic Area. If a transfer outside the EEA is ever necessary, we implement appropriate safeguards (such as Standard Contractual Clauses) and assess the transfer risk.
8. Your rights
Under the GDPR you may request access, rectification, erasure, restriction, portability, or object to certain processing. Where processing is based on consent, you may withdraw consent at any time without affecting prior lawful processing.
To exercise your rights, email info@toutatis.eu. We respond within one month unless the request is complex.
You may also lodge a complaint with Commission for Personal Data Protection of the Republic of Bulgaria (CPDP), or your local EU/EEA authority.
9. Cookies and similar technologies
We use essential cookies for basic site operation and, with your consent where required, preference cookies. See our Cookie policy for details and how to manage your choices.
10. Security
We apply technical and organisational measures appropriate to the risk: HTTPS, access controls, rate limiting on public forms, and European hosting. No method of transmission over the Internet is 100% secure; we continuously improve our posture.
11. Children
Our website and services are aimed at businesses and professionals. We do not knowingly collect data from children under 16.
12. Changes
We may update this policy from time to time. The “last updated” date at the top of this page indicates the latest revision. Material changes will be highlighted on this website.
13. Contact
Questions about this policy: info@toutatis.eu
İlgili belgeler
Bu belgelerle ilgili sorularınız mı var? Seve seve açıklayabiliriz.
Bize ulaşın