About us:

This privacy policy explains how International Legal Advice Center (“ILAC”, “We”) a NGO established under Bulgarian law, No 176397057, with registered office in 123 Knyaz Boris Str., 1000 Sofia, Bulgaria, processes your personal data in accordance with European Regulation 2016/679 (“GDPR”) and with the local data protection regulations applicable in any country, territory or location in which it operates (together with GDPR, the “Privacy Regulations”).

This privacy notice informs you about how ILAC, in the capacity of Data Controller, looks after your personal data as our website www.ilac.eu visitor and provide information about your privacy rights and how the legislation protects you.

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact our Data Protection Officer (“DPO”) at the following contact details.


Contact information:

  • Full name of legal entity: International Legal Advice Center
  • Address: 123 Knyaz Boris Str., 1000 Sofia, Bulgaria
  • Email address: office@ilac.eu
  • DPO contact: dpo@dpa.bg
  • Supervisory Authority: Bulgarian Commission for Personal Data Protection
  • Address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria
  • Email address: kzld@cpdp.bg
  • Web site: cpdp.bg


Data protection principles we follow:

ILAC is committed to processing data in accordance with its responsibilities under Article 5 of the GDPR, which requires that personal data shall be:

  • processed lawfully, fairly and in a transparent manner in relation to individuals;
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.


What are the personal data we collect, from where, what are the purposes and the legal foundations for data processing?

ILAC, in the capacity of Data Controller, processes lawfully and conscientiously your personal data, collecting and processing them for specific, explicitly stated and legitimate purposes. Your personal data is kept to a minimum and is limited to what is necessary for the purposes for which it is processed.

We collect personal data about you whenever you use our services on our website www.ilac.eu on the following occasions:

Category of personal data Purposes / Activities Legal basis
Name and Surname, email address and/or telephone number; any other information that the data subject provide us voluntary Necessary for using our contact form Your consent to data processing for this specific purpose (Art.6, §1, letter “a” of GDPR)
IP Address; information about your visit, including URL and timestamp To administer and protect our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). *When you only visit our website, your data is anonymous and does not allow your identification. Necessary for our legitimate interests – for running our website, IT services, network security (Art. 6, §1, letters “b” and “e” of GDPR) – legal obligation (ILAC Terms and Conditions) and legitimate interest of the Data Controller
Email address Sending marketing newsletters for making suggestions and recommendations to you about services that may be of interest to you

Subscribing to newsletters offered by ILAC is entirely voluntary and is done by you personally, with your explicit consent. (Art.6, §1, letter “a” of GDPR)


Change of purpose:

ILAC will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us on the following email address: dpo@dpa.bg  If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Children’s privacy:

ILAC do not knowingly collect any information from anyone under 14 years of age. Our website is directed to people who are at least 14 years old or older. If you are under 14, do not use or provide any information on this website. If we learn that we have collected or received personal data from a child under 14, we will delete that information, unless consent is given or authorised by the holder of parental responsibility over the child.

Third Party Links:

Our website may include links to third-party websites, microsites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. Therefore, whenever you make use of these links or microsites or when you leave our website, please read the privacy notice of the third party.

Cookies, Web beacons and other similar technologies:

Our Website uses “cookie” and “web beacon” technology. We use cookies and web beacons to distinguish you from other visitors, track your IP address and usage of our site, and to indemnify the name of the website from which you linked to our website. This information is used for helping us to serve you better by improving our website design, as well as our services. We do not otherwise track any information about your use of other websites. Non-personal data or anonymised / pseudonymised information obtained through cookies and web beacons may be shared with or obtained by service providers on our behalf.

A cookie is a small data file that is placed on the hard drive of your computer when you visit a website. A “session cookie” expires immediately when you end your session (i.e., close your browser). A “persistent cookie” stores information on the hard drive so when you end your session and return to the same website at a later date, the cookie information is still available. A web beacon is a small string of code that represents a clear graphic image and is used in conjunction with a cookie.

How to manage cookie settings in your browser?

Each browser has its own cookie management system, as described in the “Help” menu of your browser, where you will be provided with all necessary information about how to set your preferences.

For Microsoft Internet Explorer 8.0 and more:

Go to “Tools” menu, then “Internet Options”

Click on “Confidentiality”

Select your preferred level of confidentiality

For Mozilla Firefox:

Go to “Tools” then “Options” menu

Click on the “Privacy” settings

Select your preferred option on the “Cookie” menu

For Opera:

Go to “Files” > “Preferences”

Click on “Privacy”

Select your preferred options

For Google Chrome:

Click the Chrome menu on the browser toolbar

Select “settings” then click “show advanced settings”

In the “Privacy” section, click the “Content settings” button.

In the “Cookies” section, you can change cookies settings

For Android browser:

Click on the upper right button

Go to “Settings” then “Privacy & security menu”

Select your preferred option


For Dolphin Browser on Android:

In the Menu, go to “More” then “Settings”

Select the “Privacy & security settings” menu

Select you preferred option in the “cookies” menu

For Safari on iOS:

In the “Settings” app, go to “Safari” menu

Go to “Accept cookies” entry under “Privacy”

Select your preferred option



In our Cookie settings you can find more about cookies, as well as the ways to disable them at any time by using your browser options.

With whom we share your personal data:

To best serve you, we may share your personal data with service providers that provide support services to us or that help us market our services. Service providers are third parties who perform services on our behalf. They are contractually restricted from using your information in any manner other than in helping us to provide you with the services available from ILAC. These companies are (without enumeration being exhaustive):

– Google (с Google Analytics, Google Tag Manager, AdManager, AdX, AdSense, AdWords, Google Plus): https://privacy.google.com

– Facebook (с Facebook Tracking Pixel, Facebook Tools – Plug-in “like” button, Sign in with Facebook profile и др.) : https://www.facebook.com/privacy/

We may also disclose your personal data to a third party when you ask us to do so or when we believe it is required by law (only to state bodies, institutions and persons to whom we are obliged to provide personal data by law).

Data Security:

We have put in place appropriate security measures (incuding encryption, anonymization or/and pseudonymization procedures where required) to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Retention of your information:

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us.

In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Your rights to privacy:

You have the right to:

  • obtain confirmation of the storage of your personal data (right to access);
  • request ILAC to have your personal data rectified;
  • request that your personal data is erased;
  • request that ILAC limits the processing of your personal data;
  • oppose the processing of your personal data
  • request the portability of your personal data in a structured and machine-readable format and transmit it to another Internet Service Provider;
  • oppose being subject to a decision making solely based on automated data processing producing legal effects on the data subject, recalling the always available possibility to rely on the assistance of one of our employees;
  • withdraw the consent previously given (in any case, this shall not prejudice the legitimacy of data processing prior to your consent withdrawal).

You have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection if you believe that your personal data have been processed in violation of the Privacy Regulations.

To exercise these rights, you may contact ILAC by sending a request to the following e-mail address: dpo@dpa.bg

With regard to any matter relating to the processing of your personal data and the exercise of your rights under the GDPR, you may contact our DPO at 123 Knyaz Boris Str., 1000 Sofia, Bulgaria, email address: dpo@dpa.bg

No fee usually required:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Identification of your request:

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond:

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to Privacy Policy:

This version was last updated on the 31st of May 2021 and historic versions can be obtained by contacting us. This notice replaces all previous disclosures we may have provided you about our information practices. We reserve the right to change this notice, and to apply any changes to information previously collected, as permitted by law. If there are material changes to this notice or our information practices change in the future, we will notify you by posting the changes on our website. Please keep us informed if your personal data changes during your relationship with us.

Entry into force: 23th of May 2018

Last updated:  31st of May 2021

If you want access to your data please use our privacy Center –

Cookie settings
Read more
Privacy policy
Terms & conditions pages