Contact us

Privacy Policy

(Personal Data Processing – GDPR)

Last updated: 28.08.2025

This Privacy Policy (“Policy”) explains how [име на дружество]UIC UICwith registered office at Sofia, ul. Timok 20 (“we”, the “Controller”), processes personal data of visitors and clients when using the website [domain] (the “Website”) and the related services.

By using the Website, you confirm that you have read and accept this Policy. If you do not agree, please discontinue using the Website.

Legal basisThis Policy is drafted in accordance with Regulation (EU) 2016/679 (GDPR) and the Bulgarian Personal Data Protection Act (PDPA).

 

1) Controller and contact details

  • Administrator: [име на дружество]

  • UIC UIC

  • Address: Bulgaria, Sofia, ul. Timok 20

  • Email for data-protection matters: info@tropic-home.com

  • Telephone: +359 888 736126 / +359 877 417173

 

2) Data we collect

We collect and process only the data necessary to provide our services and to ensure the proper functioning of the Website:

Data you provide to us:

  • First and last name, email address, phone number;

  • Messages/inquiries, information submitted via contact/booking forms;

  • Information required for the performance of a contract/order (site address, preferred date/time, etc.).

Data collected automatically (logs and cookies):

  • IP address, browser type/version, device data, referrer pages, pages visited/time stamps;

  • Cookies and similar technologies for session management, preferences, security, and statistics.
    (SeeCookies sectionbelow.)

The logic and data categories are consistent with the practice in Property Yard's published policies - personal data provided by the user and data generated automatically (incl. IP/cookies) py-investment.com.

 

3) Purposes and legal bases

We process your data for the following purposes and under the following legal bases:

  1. Service provision and communication – registering/handling inquiries, replies, support, subsequent communications.

    • Legal basis: Art. 6(1)(b) GDPR (contract/pre-contractual steps); Art. 6(1)(a) GDPR (consent, where applicable).

  2. Personalized access and security – fraud prevention, security logs, abuse mitigation.

    • Legal basis: legitimate interests (Art. 6(1)(f) GDPR).

  3. Service improvement and statistics – measuring usability, anonymized reports, satisfaction surveys.

    • Legal basis: legitimate interests / consent for analytics cookies, where required.

  4. Marketing – information about similar services/offers (only with your consent; you can withdraw at any time).

    • Legal basis: Art. 6(1)(a) GDPR (consent).

  5. Legal obligations – accounting, warranty and complaint handling, responding to lawful requests by authorities.

    • Legal basis: Art. 6(1)(c) GDPR (legal obligation).

The goals and principles follow what is described in the source: identification, access to personalized resources, feedback, security, support, quality improvement, fraud prevention, consent-based marketing, etc.

 

4) Principles and data minimization

We process personal data lawfully, fairly, and transparently, for explicit and legitimate purposes only, and we limit processing to what is necessary. We maintain the accuracy and currency of data and apply appropriate technical and organizational measures to ensure security (Art. 5 GDPR).

 

5) Data recipients and sharing with third parties

We may share data only when necessary and lawful:

  • Service providers/sub-processors (hosting, IT support, email/CRM tools, couriers, etc.) – bound by contract, they act only on our documented instructions and must apply adequate safeguards;

  • Competent public authorities – where required by law;

  • Corporate changes – in case of reorganization/transfer of business, in accordance with applicable law.

The logic follows the descriptions of the possibility of providing to third parties with consent/necessity/law and in the context of a transfer of activity, as indicated in the source.

 

6) International transfers

As a rule, we process data within the EU/EEA. If a transfer to a third country becomes necessary, it will be carried out in compliance with Arts. 44–49 GDPR (adequacy decisions, Standard Contractual Clauses, derogations, additional safeguards) and you will be informed in advance.

(The original site mentions transfers to Thailand – here we leave a neutral GDPR framework applicable to your business.

 

7) Storage periods

We retain data only for as long as necessary for the purposes for which it was collected, or until:

  • the contractual relationship/warranty or complaint periods end;

  • a legal retention duty applies (e.g., for accounting records);

  • the consent you have given is withdrawn;

  • an internally defined maximum period expires (e.g., up to 3 years of inactivity for contact inquiries/logs).

A similar time logic is also present in the source (example 3-year period and subsequent deletion) py-investment.com.

 

8) Cookies

The Website uses necessary, functional, and (optional) analytics/marketing cookies.

  • What are cookies? Small files stored by your browser/device that support security, session continuity, preference storage, usage statistics, etc.

  • Management: You can accept/decline categories of cookies through our cookie banner and/or your browser settings. Refusing non-essential cookies will not limit the core functions of the Website, but may affect certain conveniences.

  • Retention: Session cookies (deleted when the browser is closed) and persistent cookies (stored for a defined period).

  • More information: See our Cookie Policy (if you maintain a separate page) or this section.

Summarizes the goals and terms of Property Yard's public policy (session/persistent, consent, opt-out/settings) py-investment.com.

 

9) Your rights (GDPR Arts. 15–22)

You have the right to request:

  • Достъп Access to your personal data and a copy of it;

  • Rectification of inaccurate/incomplete data;

  • Erasure (“right to be forgotten”) where legal grounds apply;

  • Restriction of processing;

  • Data portability of data you provided, in a structured, commonly used and machine-readable format;

  • Objection to processing based on legitimate interests/direct marketing;

  • Withdrawal of consent at any time (without affecting the lawfulness of processing before withdrawal).

To exercise your rights: contact info@tropic-home.com. We will respond within one month (possible extension in case of complexity). You have the right to file a complaint with the CPDP (www.cpdp.bg)

 

10) Security measures

We implement appropriate technical and organizational measures – access control, encryption/pseudonymization where applicable, storage and deletion policies, staff/sub-processor restrictions, records of processing activities, periodic reviews, etc.

In line with the protection sections in the source – organizational/technical measures, responsible persons and access control

 

11) Underaged

Our services are not directed at persons under 18. If we become aware that we processed data of a minor without valid parental/guardian consent, we will delete such data without undue delay.

 

12) Changes to this Policy

We may update this Policy from time to time. The latest version will be published on this page with the “last updated” date. Your continued use of the Website after changes have been posted constitutes acceptance of those changes.

 

13) Contact

For questions regarding this Policy or your personal data, please contact: - info@tropic-home.com , +359 888 736126 / +359 877 417173 , Sofia, 20 Timok St.
[име на дружество] – info@tropic-home.com , +359 888 736126 / +359 877 417173 , гр. София, ул. Тимок 20 .

With over a decade on the Phuket real estate market, we have hundreds of successfully closed deals and happy clients behind us. Contact us today.

  • Bulgaria, Sofia, 20 Timok St.
  • +359 888 736126
  • +359 877 417173
  • info@tropic-home.com

About TropicHome

Quick links

© 2025 All rights reserved. Developed by Denvelkoff Studio.