krissicrochets · Stara Zagora, Bulgaria

Privacy Policy

Last updated: June 2026
Your privacy matters to us. This policy explains what personal data we collect, why we collect it, how we use it, and what your rights are. We are committed to handling your data responsibly and in compliance with the General Data Protection Regulation (GDPR) and applicable Bulgarian law.
01

Who We Are (Data Controller)

The data controller responsible for your personal data is:

Shushon Ltd
UIC: BG204732472
Stara Zagora, Bulgaria
Trading as: krissicrochets / KrissiCrochetdesigns
Email: hello@krissicrochets.store
Website: krissicrochets.store
02

What Data We Collect

We only collect data that is necessary to process your order and deliver your product. This may include:

  • Name — to identify your order
  • Email address — to deliver your PDF and send order confirmation
  • Payment information — processed securely by Stripe or PayPal; we never see or store your full card details
  • IP address and browser data — collected automatically by our platform (Systeme.io) and analytics tools for security and performance purposes
  • Country — for tax and compliance purposes

We do not collect sensitive personal data (such as health information, identification numbers, or financial account details beyond what is needed for payment processing).

03

Why We Collect Your Data (Legal Basis)

We process your data on the following legal bases under GDPR:

  • Contract performance — to process your purchase and deliver the digital product you ordered
  • Legal obligation — to maintain transaction records as required by Bulgarian accounting and tax law
  • Legitimate interest — to prevent fraud and ensure platform security
  • Consent — if you opt in to receive marketing emails, we will use your email address to send you relevant updates; you may withdraw consent at any time
04

How We Use Your Data

Your data is used solely for the following purposes:

  • Processing and confirming your order
  • Delivering your purchased PDF by email and/or download link
  • Responding to support enquiries you send to us
  • Sending transactional emails related to your purchase
  • Sending marketing emails, only if you have explicitly opted in
  • Meeting our legal and accounting obligations

We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

05

Third-Party Services

To operate our store, we work with the following trusted third-party services. Each has its own privacy policy governing how they handle data:

  • Systeme.io — our funnel and delivery platform (stores order data and manages email delivery)
  • Stripe — payment processing (subject to Stripe's Privacy Policy)
  • PayPal — payment processing (subject to PayPal's Privacy Policy)
  • Meta (Facebook/Instagram) — if you arrive via a Meta ad, we may use a Facebook Pixel to measure ad performance; this is subject to Meta's Data Policy
  • Zoho Mail — our email service provider for support correspondence

All third-party processors are required to handle your data in compliance with applicable data protection laws.

06

Cookies & Tracking

Our website may use cookies and similar tracking technologies for the following purposes:

  • Essential cookies — required for the website and checkout to function correctly
  • Analytics cookies — to understand how visitors use our site (e.g. page views, time on site)
  • Advertising cookies — if you came via a paid ad, a pixel may track whether you completed a purchase, to help us measure ad effectiveness

You can disable cookies in your browser settings at any time, though this may affect the functionality of the checkout process.

07

How Long We Keep Your Data

We retain your data only for as long as necessary:

  • Order and transaction records — retained for 5 years in accordance with Bulgarian accounting law
  • Email correspondence — retained for up to 2 years after last contact
  • Marketing email list — until you unsubscribe or request deletion

After the relevant retention period, your data is securely deleted or anonymised.

08

Your Rights Under GDPR

As a data subject, you have the following rights:

Access

Request a copy of the personal data we hold about you.

Rectification

Ask us to correct inaccurate or incomplete data.

Erasure

Request deletion of your data where there is no legal obligation to retain it.

Restriction

Ask us to limit how we use your data in certain circumstances.

Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing based on legitimate interest or for direct marketing.

To exercise any of these rights, contact us at hello@krissicrochets.store. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP) at cpdp.bg.

09

International Data Transfers

Some of our third-party service providers (such as Stripe, PayPal, and Systeme.io) may process data outside of the European Economic Area (EEA). Where this occurs, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date at the top. We encourage you to review this page periodically. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

Questions about your data?

Contact us directly — we'll respond personally within 30 days.

hello@krissicrochets.store

No bots. Just Krissi.