Privacy Policy

Last Updated: May 2026

1. Introduction

Cimcoop Holding LTD ("Cimcoop", "we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you visit our website at cimcoop.com or interact with our services.

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Bulgarian data protection legislation. By using our website, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is:

• Company: Cimcoop Holding LTD
• Address: 40 Buxton Blvd., Floor 6, Sofia 1618, Bulgaria
• Phone: +359 2 955 9741
• Email: info@cimcoop.com
• CEO: Kalin Georgiev

For any questions or requests regarding your personal data, please contact us at info@cimcoop.com.

3. Information We Collect

3.1 Information You Provide Directly

When you submit a contact form, request for quote (RFQ), or otherwise communicate with us, we may collect:

• Full name and job title
• Email address
• Phone number
• Company name and address
• Project details, technical specifications, and requirements
• Technical drawings, CAD files, or other documents you upload
• Any other information you choose to include in your message

3.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical data, including:

• IP address
• Browser type and version
• Operating system
• Referring URL and pages visited
• Date, time, and duration of your visit
• Device type and screen resolution
• General geographic location (country/region level, derived from IP address)

4. How We Use Your Data

We process your personal data for the following purposes and legal bases:

• Responding to RFQ inquiries and contact form submissions — to provide you with quotes, technical information, and answers to your questions (legal basis: legitimate interest and pre-contractual measures)
• Processing and fulfilling orders — to manufacture and deliver optical components you have ordered, including invoicing and shipping (legal basis: performance of a contract)
• Improving our website and services — to analyze how visitors use our website so we can enhance content, functionality, and user experience (legal basis: legitimate interest)
• Marketing communications — to send you product updates, industry news, or promotional materials, only with your explicit consent (legal basis: consent)
• Legal compliance — to meet our obligations under applicable laws, regulations, and export control requirements including ITAR (legal basis: legal obligation)

5. Data Sharing

We do not sell your personal data. We may share your data with the following categories of third-party service providers who process data on our behalf:

• Cloudflare — content delivery network (CDN) and website security services. Cloudflare may process your IP address and request data to protect our website from malicious traffic. Cloudflare Privacy Policy
• Google Analytics — web analytics service that helps us understand how visitors interact with our website. Google Analytics uses cookies to collect anonymized usage data. Google Privacy Policy
• Google Tag Manager — tag management system used to deploy and manage tracking scripts on our website. Google Privacy Policy

We may also disclose your data when required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Cimcoop, our customers, or others.

6. International Data Transfers

As Cimcoop is based in Bulgaria, a member state of the European Union, your data is primarily processed within the European Economic Area (EEA). However, some of our third-party service providers (such as Google and Cloudflare) may process data outside the EEA.

Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including:

• EU-approved Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• The EU-U.S. Data Privacy Framework, where applicable

You may request further information about the safeguards we use by contacting us at info@cimcoop.com.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Our retention periods are:

• Contact and RFQ form submissions: 3 years from the date of last interaction, unless an ongoing business relationship requires longer retention
• Analytics data: 26 months (Google Analytics default retention period)
• Marketing consent records: retained until you withdraw your consent

After the applicable retention period, personal data is securely deleted or anonymized.

8. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and analyze website usage. The cookies we use fall into the following categories:

8.1 Essential Cookies

These cookies are necessary for the website to function and cannot be switched off. They include session cookies that maintain your browsing session and remember your preferences.

8.2 Analytics Cookies

We use Google Analytics to collect anonymized data about how visitors use our website. These cookies help us understand page views, traffic sources, and user behavior so we can improve our content and services. Google Analytics cookies include _ga, _ga_*, and _gid.

8.3 Marketing Cookies

Through Google Tag Manager, we may deploy cookies that help us measure the effectiveness of our marketing efforts and deliver relevant content. These cookies are only set with your consent.

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

9. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

• Right of Access — You have the right to request a copy of the personal data we hold about you.
• Right to Rectification — You have the right to request correction of any inaccurate or incomplete personal data.
• Right to Erasure — You have the right to request deletion of your personal data where there is no compelling reason for its continued processing.
• Right to Restriction of Processing — You have the right to request that we restrict the processing of your personal data under certain circumstances.
• Right to Data Portability — You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object — You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent — Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, please contact us at info@cimcoop.com. We will respond to your request within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for all data transmitted between your browser and our website
• Access controls limiting personal data access to authorized personnel only
• Regular security assessments and updates to our systems
• Staff training on data protection and privacy best practices

While we take every reasonable precaution to protect your data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest practical standards.

11. Children's Privacy

Our website and services are intended for business professionals and are not directed at children. We do not knowingly collect personal data from individuals under the age of 16. If you believe that we have inadvertently collected data from a child under 16, please contact us at info@cimcoop.com and we will promptly delete such data.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

13. Supervisory Authority

If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority. In Bulgaria, the relevant authority is:

• Commission for Personal Data Protection (CPDP)
• Address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria
• Phone: +359 2 915 3518
• Website: www.cpdp.bg
• Email: kzld@cpdp.bg

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

• Company: Cimcoop Holding LTD
• Address: 40 Buxton Blvd., Floor 6, Sofia 1618, Bulgaria
• Phone: +359 2 955 9741
• Email: info@cimcoop.com