Rebooted

Store policies

Privacy & GDPR

Review the latest policy details below.

1. Data Controller

YOKRIS 92 LTD, operating under the Rebooted brand, is a personal data controller within the meaning of Regulation (EU) 2016/679 (GDPR) and the applicable Bulgarian legislation.

  • UIC: 205318119
  • Address: 4 Dunav St., Rakitovo, Bulgaria
  • Email: info@rebooted.bg
  • Phone: +359 899 155 667

This Privacy Policy explains what personal data we process, for what purposes, on what legal basis, and what rights you have.

2. What Data We Process

We process only the data necessary for the operation of the website, order handling, and communication with customers. Depending on the situation, this may include:

  • first and last name;
  • phone number;
  • email address;
  • delivery address;
  • billing details or company details for B2B orders;
  • order information and purchased products;
  • serial numbers and information needed for warranty support;
  • communications sent by email, phone, or website forms.

We do not collect payment card data through the website and we do not aim to process sensitive personal data.

3. Why We Use the Data

Personal data is used only for legitimate and specific purposes, including:

  • accepting, processing, and fulfilling orders;
  • shipping goods and coordinating with couriers;
  • issuing accounting and tax documents;
  • warranty support, claims handling, and after-sales communication;
  • responding to customer inquiries;
  • technical protection, security, and the normal functioning of the website;
  • limited analytics and diagnostic processing after consent, where applicable.

We do not use personal data for marketing without a valid legal basis and the required consent where such consent is necessary.

4. Legal Basis

Processing is based on one or more of the following grounds:

  • Article 6(1)(b) GDPR — performance of a contract or steps taken at the request of the data subject prior to entering into a contract;
  • Article 6(1)(c) GDPR — compliance with a legal obligation;
  • Article 6(1)(f) GDPR — legitimate interest related to security, website protection, and defense against legal claims;
  • Article 6(1)(a) GDPR — consent, where processing depends on your choice, for example for certain analytics and diagnostic tools.

5. Retention Periods

We store personal data only for as long as necessary for the relevant purpose or for as long as required by law. This generally includes:

  • accounting and invoice records — up to 10 years where required by law;
  • data related to warranty service — for the warranty period and a reasonable period afterwards for claims protection;
  • communications and customer inquiries — for a limited period depending on the nature of the communication;
  • technical and session-related data — for the period necessary for website operation and security.

After the applicable period expires, the data is deleted, anonymized, or archived where legally required.

6. Who We May Share Data With

We share data only where necessary to provide the service or where required by law. This may include:

  • courier and logistics providers;
  • accounting services and software systems;
  • hosting, email, and technical providers supporting the website;
  • public authorities and institutions where this follows from a legal obligation.

We do not sell personal data and we do not provide it to third parties for advertising profiling.

7. Analytics and Technical Monitoring

If you choose “Accept all” in the cookie banner, the website may load Cloudflare Web Analytics for aggregated usage statistics and GlitchTip for technical error diagnostics in the public storefront.

These tools are not used for advertising profiling, session replay, or heatmaps. For more details, please see the Cookie Policy.

8. Cookies and Similar Technologies

The website uses strictly necessary cookies for session handling, security, and storing the consent choice. Additional analytics and technical diagnostics are activated only after consent where applicable.

More detailed information is available in the separate Cookie Policy.

9. Your Rights

Under applicable law, you have the right to:

  • access your personal data;
  • rectify inaccurate data;
  • request erasure where the legal conditions are met;
  • restrict processing;
  • object to certain types of processing;
  • data portability where applicable;
  • withdraw consent where processing is based on consent.

You may exercise your rights by contacting us at info@rebooted.bg. You also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection or another competent supervisory authority.

10. Data Security

We apply reasonable technical and organizational measures to protect personal data, including access control, need-to-know restrictions, system protection, and regular maintenance.

However, no method of transmission or storage can guarantee absolute security.

11. Social Media and External Platforms

When communicating through Facebook, Messenger, or other external platforms, the relevant platform may act as an independent controller under its own rules. We recommend that you also review the privacy policies of those platforms.

12. Policy Updates

This policy may be updated when legislation, website operations, or the services used by the store change. The latest version is published on the website.

13. Contact

If you have questions, requests, or concerns related to personal data protection, you can contact us at info@rebooted.bg or by phone at +359 899 155 667.