Last Update :
30 June, 2025
This Privacy and Cookies Policy aims to inform you, the user (whether an employer or a candidate), how Himalaya Gate LLC collects, uses, stores, and protects your personal data when you visit or use our website www.himalayahr.com .
We, Himalaya Gate LLC, UIC: 208306175, with registered office at Vardar 24, Vratsa, Bulgaria, are a Personal Data Controller. The protection of your personal data is of utmost importance to us, and we process it strictly in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 - GDPR) and applicable Bulgarian legislation.
Please read this Policy carefully. If you do not agree with it, please do not use our website and services. Continuing to use the website after any changes to this Policy will be considered as your acceptance of them.
For any questions related to your personal data or this Policy, you can contact us at:
Company Name: Himalaya Gate LLC
UIC: 208306175
Registered Office and Management Address: st. "Vardar", Vratsa, Bulgaria.
Email for inquiries: himalayagate.eu@gmail.com
Phone Number: +359876100826
We collect and process various categories of personal data necessary for providing our intermediary services. This may include:
For Job Candidates: Full name, date of birth, nationality, email address, phone number, physical address/location, education details (including language skills and additional qualifications), information on previous professional experience and employers, current and desired remuneration, employment status, motivation for change, work permit details (if applicable).
For Employers: Company name, UIC, registration address, contact person's name, email address, phone number, job position requirements, industry, and business activity information.
During Communication: Content of letters, emails, and other communications we receive from you.
When Using the Website: IP address, browser type, date and time of access, pages viewed, and other technical information collected through cookies.
Important: We do not collect or process sensitive personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, or data concerning a person's sex life or sexual orientation). If such information is inadvertently sent to us, it will not be stored or processed.
We process your data solely for the purposes for which it was collected, and we do not use it for other purposes. These purposes are directly related to our core business – employment mediation and career consulting, as well as fulfilling legal obligations.
Legal Bases for Processing:
Performance of Contractual Obligations: To provide the intermediary services you have agreed to (e.g., connecting candidates with employers, registration in our database, career consulting).
Compliance with Legal Obligations: To comply with the requirements of Bulgarian and European legislation (e.g., Ordinance on the Terms and Procedure for Performing Intermediary Activities for Employment, Accountancy Act, providing information to state authorities such as Employment Agency, General Labour Inspectorate, NRA, Ministry of Interior, courts, etc.).
Legitimate Interests: To manage and improve our operations, ensure the security of the website and information, prevent fraud, or defend our rights and legitimate interests in judicial or administrative proceedings.
Your Consent: In cases where processing does not fall under the above categories (e.g., for direct marketing), we will request your explicit consent before processing. You can withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
We share your personal data only when it is strictly necessary and with appropriate safeguards:
With Potential Employers: Candidate data (such as names, CVs, professional experience) is shared with employers seeking personnel, only after your explicit consent.
With Potential Candidates: Information about job vacancies and employer requirements is shared with candidates we deem suitable.
With Service Providers: We may share data with third parties who provide us with services (e.g., hosting, CRM systems, accounting services, IT support), provided they comply with applicable data protection legislation and have entered into appropriate data processing agreements.
With State Authorities: When legally required, we provide information to state institutions and regulatory bodies.
We implement all necessary organizational, technical, and physical measures to protect your personal data from loss, misuse, unauthorized access, alteration, or disclosure. These include:
Technical Measures: Use of encryption (SSL certificate for the website), secure servers, access control systems for data, regular backups.
Organizational Measures: Strict internal policies and procedures for handling personal data, limiting access to data only to authorized personnel, regular employee training on data protection, procedures for handling security incidents and breaches.
Physical Measures: Restricted physical access to premises where data is stored and server rooms.
We store your personal data only for the period necessary to fulfill the purposes for which it was collected, or as long as there is a legal basis for its storage.
Example Retention Periods:
For Candidate Data: Up to 5 years after the completion of the selection process or termination of the intermediary services contract, in accordance with the Ordinance on the Terms and Procedure for Performing Intermediary Activities for Employment. A longer period is possible only with your explicit written consent.
For Accounting Documents: Up to 10 years, in accordance with the Accountancy Act.
Data for Contractual Relationships: For the duration of the contract and a reasonable period after its termination to protect legitimate interests in case of potential legal claims.
Upon expiry of the retention period, your data will be securely deleted or anonymized.
Under the GDPR, you have the following rights regarding your personal data:
Right to Information and Access: To obtain confirmation as to whether or not your personal data are being processed, and access to them, as well as information about the purposes, categories of data, recipients, and retention period.
Right to Rectification: To request the rectification of inaccurate or incomplete personal data concerning you.
Right to Erasure ("Right to Be Forgotten"): To request the erasure of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw your consent (if that is the sole basis for processing). Please note that this right is not absolute and has exceptions (e.g., when the data is necessary for compliance with a legal obligation).
Right to Restriction of Processing: To request the restriction of processing when you contest the accuracy of the data, or the processing is unlawful but you do not want erasure, or you need the data for the establishment, exercise, or defense of legal claims.
Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
Right to Object: To object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: If processing is based on your consent, you can withdraw it at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint: To lodge a complaint with a supervisory authority if you believe there has been a breach of the GDPR. The supervisory authority in Bulgaria is the Commission for Personal Data Protection (CPDP):
Address: 2 "Prof. Tsvetan Lazarov" Blvd., Sofia 1592, Bulgaria
Website: www.cpdp.bg
Email: kzld@cpdp.bg
Phone: +359 2 915 35 18
How to Exercise Your Rights: You can exercise your rights by contacting us using the contact details provided in Section 2. We will respond to your requests within the legally established deadlines.
Our website uses cookies and similar technologies to enhance your user experience and analyze how you use our site.
What are Cookies: Cookies are small text files stored on your device (computer, tablet, mobile phone) when you visit a website. They help the website recognize your device on subsequent visits and remember certain preferences.
What types of cookies do we use:
Analytical/Statistical Cookies: We use these to collect anonymous information about how users interact with the website (e.g., which pages they visit most often, where visitors come from). This helps us analyze and improve the site's performance. Tools like Google Analytics are often used.
Marketing/Advertising Cookies (if applicable): If you use these, they are used to display relevant advertisements based on your interests, as well as to measure the effectiveness of advertising campaigns.
Your Consent for Cookies: Upon your first visit to our website, a cookie consent banner will be displayed, allowing you to accept or decline the use of different types of cookies (with the exception of strictly necessary ones). By continuing to use the website without changing your browser settings, you consent to the use of cookies.
Managing Cookies: You can control and/or delete cookies at any time through your browser settings. Please note that disabling cookies may affect the functionality of the website and limit some of its features. For more information on how to manage cookies, you can visit [insert a link to general information about cookies, e.g., aboutcookies.org or AllAboutCookies.org, if you wish to provide one, or simply delete this part if no such link will be provided].