Privacy Policy

1. Data controller

The controller is the entity named in the Imprint. For data-protection questions: noreply@adolf.bg or the address in the Imprint.

2. Data we collect

When you subscribe: email address, billing name, and address (processed by Stripe). Card details are handled directly by Stripe — we never see or store card numbers.

When you use the site: technical logs at the Cloudflare layer (IP, user-agent, request time) retained briefly for security purposes.

3. Legal bases

Performance of the contract (delivering the subscription) — Art. 6(1)(b) GDPR. Legal obligations (accounting/tax) — Art. 6(1)(c). Legitimate interests (site security, abuse prevention) — Art. 6(1)(f).

4. Sub-processors

Stripe (payments, invoicing, VAT) — Stripe Payments Europe Ltd (Ireland) and Stripe Inc. (US). https://stripe.com/privacy

Postmark (transactional email — confirmations, magic links) — ActiveCampaign / Postmark, US. https://postmarkapp.com/privacy-policy

Cloudflare (CDN, security, Worker and Pages hosting) — Cloudflare Inc., US. https://www.cloudflare.com/privacypolicy/

Transfers to US-based processors are on the basis of the EU–US Data Privacy Framework or Standard Contractual Clauses.

5. Retention

Email and subscription data: duration of subscription + 10 years (accounting/tax requirement).

Magic-link tokens: 15 minutes.

Auth cookies: until the end of the paid period.

6. Your rights (GDPR)

You have rights to access, rectify, erase (subject to accounting law), restrict, port, object, and lodge a complaint with a supervisory authority (e.g. CPDP in Bulgaria).

7. Cookies

We use only strictly necessary cookies (auth and security). No marketing or analytics cookies. See the consent banner.