top of page

GDPR Policy

for the provision and use of online information 

Last Updated: 24.04.2022

Virtual Deck Ltd. is committed to protecting the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller


Virtual Deck Ltd. is the data controller responsible for the processing of personal data collected through this website.


2. Data Collection


We may collect and process the following types of personal data:

  • Contact Information: Name, email address, phone number, postal address.

  • Account Information: Username, password, account preferences.

  • Transaction Information: Purchase history, payment information.

  • Technical Information: IP address, browser type, device type, operating system.


3. Purpose of Data Processing


We process personal data for the following purposes:

  • To provide and maintain our services.

  • To communicate with you, including responding to inquiries and providing customer support.

  • To process transactions and deliver products or services.

  • To personalize and improve user experience on our website.

  • To comply with legal obligations.


4. Legal Basis for Processing


We process personal data based on one or more of the following legal bases:

  • The data subject has given consent to the processing of their personal data for one or more specific purposes.

  • Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.

  • Processing is necessary for compliance with a legal obligation to which we are subject.

  • Processing is necessary to protect the vital interests of the data subject or of another natural person.

  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

  • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.


5. Data Retention

We will retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements.

Our company is hosted on the platform. provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall.  


All direct payment gateways offered by and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.


6. Data Subject Rights


Data subjects have the following rights under the GDPR:

  • Right to access: Data subjects have the right to request access to their personal data.

  • Right to rectification: Data subjects have the right to request the correction of inaccurate or incomplete personal data.

  • Right to erasure: Data subjects have the right to request the deletion of their personal data.

  • Right to restrict processing: Data subjects have the right to request the restriction of processing of their personal data.

  • Right to data portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format.

  • Right to object: Data subjects have the right to object to the processing of their personal data in certain circumstances.


7. Data Security


We have implemented appropriate technical and organizational measures to ensure the security of personal data.

8. Data Transfers


We may transfer personal data to countries outside the European Economic Area (EEA) that do not provide an adequate level of data protection. In such cases, we will ensure that appropriate safeguards are in place to protect personal data.


9. Contact Information


If you have any questions or concerns about our privacy practices or this Privacy Policy, please contact us at

If you don’t want us to process your data anymore, please contact us at or send us mail to: Virtual Deck Ltd., Pirotska str. 45, Sofia 1303, Bulgaria.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

bottom of page