This PRIVACY POLICY is an integral part of the GENERAL TERMS OF USE of the site www.agriabg.com (The Site), administered by AGRIA GROUP HOLDING JSC (The Company).

The way we collect and process the personal data of data subjects – end users is hereby specified. The ways, in which you can contact us, should you need to are also described.


I. What type of information does the Site collect?

When using the services on the Site to ensure best performance, our information system needs a particular type of information about you, with which you can directly or indirectly be identified.


1. Information that the User provides voluntarily:

а) In the cases when it is necessary for a service, we may ask you to provide us with the following personal data:

1) your names

2) valid email address

3) phone number

4) additional data (request and/or user content);

b) The above personal data categories can also be requested when you have a potential enquiry to us in connection with exercising your rights, which are described below.


2. Information that the Site collects from the User

For the performance of certain functionalities on our site and the services you have access through it, our information system collects information from your computer while performing operations that are typical for the normal function of the WEB.  The following additional categories of personal data can also be collected in this way, namely:

1) IP address

2) browser used

3) preferred language settings

4) type of the device which is used for accessing the site


3. Personal data of children. How do we treat them?

The services of the site are not directed to persons under 18 years of age. The Company does not aim and does not wish to collect personal data of children in relation to the services provided through the site.

In the event that the Company receives information about minors in connection with the services of the Site, we shall not process it and shall delete it unless a legal act obliges us to process the data in another specific way.


II. Who do we collect information from?

In connection with the purposes that are specified below, the Site collects information from its visitors, including end users – data subjects. 

Personal data of the site visitors can also be provided by third parties in their capacity of service providers. 


III.  How do we collect the information?

The personal information, which is collected through the site, can be gathered in the following ways, together and separately:

1. Provided personally and voluntarily by the visitor;

2. By using “cookies” and other similar solutions for optimizing the site performance, analysis and sending commercial messages.

If you want to learn more about these technologies, how they function and how we use them, please visit our COOKIE POLICY.


IV. Why are data processed, what are the legal grounds and the processing period?

The Company uses the information described above for different purposes based on the respective legal grounds, and namely:

Data categories

Purpose of the processing

Legal ground under  (GDPR)

Means of collecting

Storage period

1.IP address

2.Used browser

3.Language settings

To provide the full functionality of the Site

1. Art. 6, item 1 b) – the processing is necessary for the performance of a contract

Through using the website of the company

Up to 3 months


1. two names

2. email address

3. phone

4. request and/or user information

To contact

1. Art. 6, item 1 а) - the data subject has given consent to the processing of his or her personal data

1.Through contact form


Until the withdrawal of the consent

1. Name

2. Phone and/or email

3.Physical address of correspondence

Official, legal and/or system warnings, legal purposes.


1. Art. 6, item 1 c) - for compliance with a legal obligation to which the controller is subject

In exercising guaranted rights of data subjects

Up to 60 months

Measures for guaranteeing lawful and in good faith processing. What measures have we taken to protect your data?

In compliance with the European legislation, the Company maintains appropriate, necessary and proportional technical and organizational measures for the protection of  users’ data, including the prevention of unauthorized access to them and/or their wrong usage.

The Company uses business systems, procedures and information technologies which protects your personal data adequately and ensures its safety.

Only authorized personnel have access to the personal data in our information systems.


VI.  How do we ensure the safety?                                                                                                               

The collected data of site users is systemized in registers, which are subject to cryptographic (encryption) protection. The data registers are located on the hard memory of computer systems with limited technical and physical access by qualified and trained personnel.


VII. Who do we share your information with?

The Company does not share personal data of the site visitors with third parties outside the holding structure of the Company.

Despite this, it is possible to share your personal information in certain situations with third parties but only in the following cases:

Subject sharing


Legal basis under General Data Protection Regulation (GDPR)

Accounting and control

For implementation of the obligations under accounting law or recognized international accounting standards.

Art. 6, item 1, “c

Special authority - administrative, juridical and/or executive authority

1.If necessary and in an obligation for disclosure of a commercial secret;

2. In connection with the settlement of disputes before a competent court and / or arbitration;

3. Sharing information with law enforcement agencies and financial institutions whom this is required by law or is essential for the prevention, detection or prosecution of criminal activity or fraud.

Art. 6, item 1,“c


VIII. User rights in connection with the personal data

The table below presents the rights of every end-user – data subject, which are ensured by the European legislation on data protection:

Type of right


Relevance to the Site

Right to information

In providing their personal data or before they are collected by the administrator for processing, the User has the right to be informed about the following circumstances: 1. Who the administrator is; 2. What the purposes for processing are; 3. What the legal ground and/or legal interest are; 4 Who can receive information; 5. What the period of their storage is; 6. What the rights of the users are; 7. Is there any automatic decision, including profiling.


Right to access

The user has the right of access to their personal data, which the Site process. This includes data from “Right to information”, as well as the source of the personal data and the data categories that are processed. When personal data are not collected directly by the User, the latter shall also receive information about the method of collecting, the type of processing, and the applicable legal ground.


Right to rectification

The user has the right to ask the administrator to adjust without undue delay inaccurate personal data relating to the user - the subject of personal data.


Right to erasure

The User has the right to ask the administrator to delete without undue delay the personal data related to him/her.


Rightto be forgotten

When the administrator has made the data publicly available and is obliged to delete them, they shall take reasonable steps to notify the other administrators, who are processing the personal data, that the data subject has requested from these administrators a deletion of all links, copies or replicas of these personal data.


Right to restriction of processing of personal data

The user has the right to ask the administrator for a restriction of the processing if at least one of the following cases is present: 1. The accuracy of the data is disputed by the user; 2. The processing was unlawful or improper, but the user does not want its deletion; 3. The controller does not need the personal data for the purposes of the processing any longer, but the user requires them for the exercising or protection of their legal claims; 4. The user has objected to data processing and expects a completion of the verification by the controller.

During a restriction of the processing, the data may still be stored by the controller. 


Right to data portability

The user is entitled to obtain from the controller personal data which concern them and which the user has provided to the controller, if: 1. The processing is made automatically; 2. The processing is based on a consent or enforces a contractual obligation.

This right includes the administrator’s obligation to transmit to other administrator the personal data specified by the User.


Right to objection of personal data processing

The user has the right to object to the processing of their personal information that is provided to the administrator in the performance of a task of public interest, it is necessary for the purposes of the legitimate interests of the controller, a profiling or direct marketing is carried out.

In the exercise of this right, the user’s personal data can be deleted from the controller’s devices. 


Right to not be subject to processing, including profiling

The user has the right not to be subject to a decision based solely on automated processing, including profiling.


Right to lodge a complaint

The user has the right to lodge a complaint to a supervisory authority (Commission for personal data protection), if they deem that the processing of personal data, which is related to them, breach the provisions of the General regulation referring to the data protection. The data subject may exercise this right in the Member State of their habitual residence, place of business or place of alleged infringement.


If you want to learn more about your rights, the means and procedures of their exercising, you can visit the informational website of The European supervisory body on data protection or of the supervisory body of Republic of Bulgaria - Commission for personal data protection.


IX.  How can you exercise your rights?

The User can always and at any time exercise their rights. In order to be most useful in this process, it is necessary to send us an enquiry via standard post or email to the addresses specified below.

For convenience, you can use our standard form of, which is attached in Appendix №1 below.


X. Who is responsible for the personal data processing?

In connection with the personal data processing through the Site, the Company acts in its capacity as a personal data administrator and an administrator of the Site.


Contact details of the controller



Registered address

9th fl., Knyaz Boris I Blvd., Varna



Executive Director

Emil Raykov




+ 35 52 55 40 00

Business address

9th fl., Knyaz Boris I Blvd., Varna

Contact details of the supervisory body in connection with the personal data protection


Commission for personal data protection


2, Prof. Tsvetan Lazarov Blvd., 1592, Sofia, Bulgaria




+ 359 2 9153518


For questions or comments regarding this personal data policy, you can send an enquiry via letter by post or email to the following electronic address: office@agriabg.com.


This PRIVACY POLICY is adopted and endorsed by the Executive Director of AGRIA GROUP HOLDING JSC – Emil Raykov on 23th of May 2018.


The Policy is consistent with the legislation in force as of the date of endorsement as well as with the Common European and national legal framework in the field of personal data protection.


Date of publication: 23th May 2018





To the Privacy policy on


Standard form of inquiry and right exercising on www.agriabg.com













Preferred means of communication:




(Mobile) phone


Physical address




* It is necessary to fill at least one field in order to verify the identity when processing the application


Type of user:






Site user










Job applicant













Request for access to personal information




Request for personal data rectification




Request for personal data erasure




Request for data transmission to other data controller




Lodge a complaint








Description of the inquiry