Privacy policy

Plan A is a provider of software solutions and services operating in full compliance with all applicable legislations. In view of the entry into force of the General Data Protection Regulation (GDPR) in May 2018 the company has upgraded its policies, procedures and practices regarding personal data protection. In all our activities we abide strictly by the requirements of the GDPR, the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. These regulations require that all controllers, processors and sub-processors ensure the best possible protection of personal data. We at Plan A Ltd. achieve this by appropriate organizational and technical measures, by endorsing policies and procedures aiming at adequate data protection by all our staff, sub-processors and freelancers.

1. Applicability

This Privacy Policy describes the types of information we collect, process and retain through our website. It does not apply to information collected by us offline. This Policy explains:

  1. Why we collect your information
  2. What purpose we are processing it for
  3. How long we store it
  4. Whether there are other recipients of your personal information
  5. Whether we intend to transfer it to another country, and
  6. Whether we do automated decision-making or profiling.

Plan A Ltd. collects, processes and retains personal data only on the as-needed principle in order to comply with the applicable legislation and to perform its services. The data collected from our clients and sub-processors normally include business contact data but when personal data are present in documents such as agreements, these documents are handled within the best data security practices. Most of the personal information we process is provided to us directly by you for one of the following reasons:

  1. You have made an information request to us.
  2. You have placed an order for one of our services.
  3. You have applied for a job or secondment with us.
  4. You are representing your organization.

The purpose for which we collect and process your personal data is to ensure that we provide the services you are interested in. The legal basis for processing your data is either a specific regulatory requirement or your explicit consent to use your personal data. We store your information as long as needed depending on the reason it has been collected. For instance, data of persons who have become our full- or part-time employees are stored for the periods specified in the labour legislation. The data of job applicants are stored for the period specified by the applicant (if applicable) or for a maximum of 3 years unless the applicant requests “to be forgotten”. The data of persons with whom we have signed agreements and payments have been made, the data are stored under the Accounting Law. We ensure that you can benefit from the rights granted to you by the GDPR within the respective legal framework such as your right of access, right to rectification, right to erasure and right to restriction of processing (within limitations specified in the respective legislation), and right to data portability (if applicable). We do not apply profiling techniques and do not transfer your personal data to third parties except in case of legal requirements by the law enforcement authorities or your explicit consent.

2. Disclosure to third parties

Personal data may be disclosed to third parties only when required by the law enforcement authorities or other public authorities which have legal right of access to these data. Disclosure to any other parties (such as our business partners) may be done only with the explicit permission of the data subject. Whenever possible, personal data in documents such as CVs are de-identified by pseudonymization or other appropriate methods. Whenever personal data are transferred to countries outside the European Union or the Privacy Shield areas, the same level of data security is demanded by all processors (e.g., subcontractors).

3. Personal data protection

Plan A Ltd. has developed appropriate policies and procedures to ensure compliance with all applicable laws and regulations regarding data security and personal data protection. These include the following, but are not limited to:

  1. Organizational and technical security measures regarding data collection, processing and retention of hard copies and electronic files.
  2. Non-disclosure and confidentiality agreements with employees and contractors.
  3. Providing guidance and demanding from our contractors full compliance with the best possible data protection measures.
  4. Appropriate procedures and methods of data transfer via secure channels of communication and additional measures such as encryption.
  5. Appropriate procedures for retention of documents containing personal data and deletion whenever this is requested by the data subject, or when the document is no longer needed, or when this is specified in the respective procedure.
  6. Adequate measures to ensure the preservation of documents from loss or destruction.
  7. Continuous review of data security practices to ensure full compliance with the applicable legislation and the client requirements set forth in agreements or specific instructions.
  8. Procedures to meet all obligations under the GDPR such as providing access and allowing data subjects to exercise their rights under the GDPR, including the right of notification in case of actual or suspected personal data breach.

4. Information and complaints

The law which governs this Policy and all disputes arising under it is the GDPR and the Bulgaria Data Protection Act. All disputes of whatsoever nature including failure to perform and performance shall be determined by the courts of the Republic of Bulgaria. Any claims may be raised to the Committee for Personal Data Protection at No. 2, Tsvetan Lazarov Street, 1592 Sofia, Bulgaria ( Plan A Ltd. has appointed a person responsible for data protection who is available to provide any additional information and explanations regarding personal data protection and accept any claims regarding data security. You may send your requests and/or claims at:


Plan A uses cookies to ensure you get the best experience on our website. By using our site you consent cookies. See our cookie policy.



Plan A Ltd. is committed to protecting the privacy rights of data subjects. Our website at uses cookies. On this page you will learn more about cookies and how we use them. By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.

What are cookies?

Website cookies are tiny data files that websites place and store on the computers and mobile devices of users who visit those sites. These files contain information about the user’s actions on the website. They are most often used to recognize return users and remember information about them, such as their browsing activity, information they enter into text fields – including names, email addresses, login information, etc.

How do we use cookies?

Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked, by us, to the information stored in and obtained from cookies. The cookies used on the website include those which are strictly necessary cookies for access and navigation, cookies that track usage (performance cookies), remember your choices (functionality cookies), and cookies that provide you with targeted content or advertising. We may use the information we obtain from your use of our cookies for the following purposes: 1. to recognise your computer when you visit the website 2. to track you as you navigate the website 3. to improve the website’s usability 4. to analyse the use of the website 5. in the administration of the website 6. to personalise the website for you, including targeting advertisements which may be of particular interest to you.

How we process the data gathered?

Plan A Ltd. and third-party providers we partner with (e.g., our advertising and analytics partners) use cookies and other tracking tools to identify users across different services and devices and ensure better user experience. Please see the list of them below. The services outlined below help us to monitor and analyze both web traffic and user behavior.

  • Google Analytics (Google LLС.) Google Analytics is a web analysis service provided by Google Inc. The service is subject to Google’s privacy policy. Please refer to Google’s Privacy Policy.
  • Google Tag Manager (Google LLС.) Google Tag Manager is a web service designed to optimize the Google Analytics management process. Please refer to Google’s Privacy Policy.
  • Facebook Ads conversion tracking (Facebook, Inc.) Facebook Ads conversion tracking is an analytics service that binds data gathered from the Facebook advertising network with actions performed on Plan A website. Please refer to Facebook’s Privacy Policy.
  • Hotjar (Hotjar Ltd.) is a web analysis service that records user behavior without collecting private user data. Please refer to Hotjar’s Privacy Policy.
  • Google AdWords Tools (Google AdWords Conversion Tracking/ Dynamic Remarketing / User List / DoubleClick) (Google LLС) Google AdWords conversion tracking and other Google Ads services are analytic instruments, connect data from the Google AdWords advertising network with actions taken on Plan A website. Please refer to Google’s Privacy Policy.
  • Facebook Audience Network (Facebook, Inc.) Facebook Audience Network is an advertising service that helps to monitor and evaluate the efficiency of advertising campaigns launched via Facebook. Please refer to Facebook’s Privacy Policy.
  • Bing Ads (Microsoft Corporation). Bing Ads is an advertising for launching and managing advertising campaigns across Bing search and Bing’s partner network. Please refer to Microsoft Corporation’s Privacy Policy.
  • Google AdWords (Google LLC) DoubleClick (Google Inc.) / DoubleClick Bid Manager / Google DoubleClick Google AdWords and Double Click are advertising services that enable efficient interaction with potential customers by suggesting relevant advertisements across Google Search, as well as Google’s partner networks. Please refer to Google’s Privacy Policy.
  • LinkedIn Marketing Solutions / LinkedIn Ads (LinkedIn Corporation) LinkedIn Ads allows for tracking the efficiency of advertising campaigns launched via LinkedIn. Please refer to LinkedIn’s Privacy Policy.


How to control cookies

The “Help” section on the menu bar of most internet browsers will tell you how to prevent your browser from accepting new cookies, how to make the browser notify you when you receive a new cookie and how to disable cookies altogether. Please note that certain features of the Website may no longer be available to you if you disable cookies. You also can manage your cookies preferences using the following links for some of the most popular internet browsers: Google Chrome Microsoft Edge Mozilla Firefox Microsoft Internet Explorer Opera Apple Safari

Updates & contact

If you have any questions in relation to this Cookie Policy you may contact us at:


Stay up to date, subscribe to our newsletter !