top of page

PRIVACY POLICY

Effective Date: 10 July 2026


1. Introduction
Solo Capital Ltd. (“Solo Capital”, “we”, “us” or “our”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, disclose and protect personal data when you visit www.solocapital.bg, contact us or use our services relating to:

  • recruitment and personnel selection;

  • business sales and M&A advisory;

  • investor identification and transaction support;

  • polygraph examinations.

We process personal data in accordance with Regulation (EU) 2016/679 (“GDPR”), the Bulgarian Personal Data Protection Act and other applicable legislation.
2. Data Controller
The data controller is:
Solo Capital Ltd.
Company Registration Number (UIC): 123754601
Registered office:
170 Kolyo Ganchev Street
Vasil Levski District
Floor 2, Apartment 10
6008 Stara Zagora
Republic of Bulgaria
Website: www.solocapital.bg
Email: jobs@solocapital.bg
Telephone: +359 898 531 692
Questions or requests concerning personal data may be sent to the email address above.
3. Personal Data We Process
Depending on your relationship with us, we may process:

  • name, date of birth and identification information where necessary;

  • email address, telephone number and postal address;

  • CV, employment history, education, qualifications, skills and references;

  • job preferences and information provided during interviews;

  • company name, job title and business contact details;

  • information concerning company ownership or representation;

  • investment interests and professional correspondence;

  • information contained in confidentiality agreements and transaction documents;

  • information submitted through our website, email or telephone;

  • IP address, device information, security logs and essential technical information;

  • information necessary to arrange, conduct and document a polygraph examination.

We ask individuals not to provide information that is unnecessary for the relevant service.
4. How We Collect Personal Data
We may obtain personal data:

  • directly from you;

  • through website forms, email or telephone;

  • from candidates, clients, investors and business partners;

  • from employers engaging us for recruitment services;

  • from references authorised by a candidate;

  • from publicly available professional sources and company registers;

  • from authorised representatives and transaction advisers.

Where personal data is obtained from another source, we process it only where a valid legal basis exists.
5. Recruitment and Personnel Selection
We process candidate data to:

  • assess applications and professional suitability;

  • identify suitable employment opportunities;

  • communicate with candidates;

  • arrange interviews;

  • present candidates to potential employers;

  • manage recruitment assignments.

Candidate data is not provided to an employer without the candidate’s knowledge or another valid legal basis.
CVs and related recruitment information are normally retained for one month after completion of the relevant selection process. Data may be retained for longer where required by law, necessary for legal claims or separately authorised by the candidate.
6. Business Sales and M&A Advisory
We process personal data relating to business owners, shareholders, managers, advisers, prospective buyers and investors in order to:

  • advise on the sale of businesses;

  • identify and contact potential investors;

  • prepare and manage transaction processes;

  • administer confidentiality agreements;

  • organise meetings and negotiations;

  • coordinate due diligence;

  • support the preparation and completion of transactions;

  • comply with contractual and legal obligations.

Personal data and confidential transaction information are shared only where reasonably necessary for the transaction and subject to appropriate confidentiality arrangements.
7. Polygraph Examinations
For polygraph services, we may process identification details, contact information, consent records, examination information and the resulting report.
A polygraph examination is conducted only after the individual has received appropriate information and has voluntarily agreed to participate, except where another lawful basis clearly applies.
Polygraph information is treated as confidential and is accessible only to authorised persons. Results are provided only to the examined person, the commissioning client where lawfully authorised, or another person entitled to receive them.
Where an examination may involve health information, biometric information or another special category of personal data, such information is processed only where an additional condition under Article 9 GDPR applies.
Solo Capital does not use polygraph results as the sole basis for automated decision-making.
8. Legal Bases for Processing
Depending on the circumstances, we rely on one or more of the following legal bases:

  • your consent;

  • steps requested before entering into a contract;

  • performance of a contract;

  • compliance with a legal obligation;

  • protection of vital interests where applicable;

  • our legitimate interests or those of a client or investor, provided that these interests do not override your rights and freedoms;

  • establishment, exercise or defence of legal claims;

  • another applicable legal basis for processing special categories of personal data.

Where processing is based on consent, you may withdraw that consent at any time. Withdrawal does not affect processing already carried out lawfully before the withdrawal.
9. Recipients of Personal Data
Where necessary, personal data may be shared with:

  • authorised employees and consultants of Solo Capital;

  • employers involved in a recruitment process;

  • business owners, buyers and qualified investors;

  • legal, financial, tax and transaction advisers;

  • IT, hosting, email and website service providers;

  • public authorities where disclosure is legally required;

  • courts, regulators or law-enforcement authorities where applicable.

Recipients are given access only to data necessary for the relevant purpose and are expected to protect its confidentiality.
We do not sell personal data.
10. International Data Transfers
In connection with business sales and M&A transactions, personal data may be disclosed to prospective investors located outside the European Economic Area.
Before such a transfer, we assess whether it is necessary and whether an appropriate transfer mechanism is available. Depending on the destination and circumstances, safeguards may include:

  • an adequacy decision adopted by the European Commission;

  • Standard Contractual Clauses approved by the European Commission;

  • confidentiality and data-protection obligations;

  • the individual’s explicit consent where legally appropriate;

  • another transfer mechanism permitted by the GDPR.

Whenever practicable, transaction information is anonymised or limited before disclosure to prospective investors.
Candidate data is not transferred to employers outside the European Economic Area unless the candidate has been informed and a lawful transfer mechanism applies.
11. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected.
In particular:

  • recruitment data is normally retained for one month after the relevant recruitment process;

  • unsuccessful general enquiries are retained only as long as necessary to respond;

  • client, transaction and accounting records may be retained for the duration of the relationship and for applicable statutory limitation, tax and accounting periods;

  • polygraph records are retained only for the period necessary to provide the service, comply with legal obligations and address possible legal claims.

Data may be retained for a longer period where required by law, necessary for legal proceedings or subject to an unresolved dispute.
After the applicable period, personal data is deleted, anonymised or securely destroyed.
12. Data Security
We use appropriate organisational and technical measures designed to protect personal data against:

  • unauthorised access;

  • accidental loss;

  • unlawful disclosure;

  • alteration;

  • destruction;

  • misuse.

Access is limited to persons who require the information for legitimate professional purposes and who are subject to confidentiality obligations.
No internet or electronic storage system can be guaranteed to be completely secure. However, we review our safeguards and take reasonable measures appropriate to the nature of the information and the associated risks.
13. Website and Technical Information
Our website may process limited technical information necessary for its operation, security and availability, including IP address, browser information, device information and server logs.
We do not currently use Google Analytics, Meta Pixel or similar advertising analytics tools.
The website platform or hosting provider may use strictly necessary technologies for security, network management and basic website functionality. Such processing is subject to the provider’s applicable terms and privacy arrangements.
14. Your Rights
Subject to the conditions and limitations of applicable law, you may have the right to:

  • request access to your personal data;

  • request correction of inaccurate or incomplete data;

  • request deletion of personal data;

  • request restriction of processing;

  • object to processing based on legitimate interests;

  • receive certain data in a structured, commonly used and machine-readable format;

  • withdraw consent at any time;

  • object to direct marketing;

  • request information about safeguards used for international transfers;

  • lodge a complaint with a supervisory authority.

To exercise your rights, contact us at jobs@solocapital.bg.
We may request reasonable information to verify your identity before responding. Requests are normally handled within the period prescribed by the GDPR.
15. Supervisory Authority
You have the right to lodge a complaint with the Bulgarian supervisory authority:
Commission for Personal Data Protection
2 Prof. Tsvetan Lazarov Blvd.
1592 Sofia
Republic of Bulgaria
You may also contact the supervisory authority in the EU or EEA country where you live, work or believe that an infringement has occurred.
16. Children’s Data
Our services are intended for adults and businesses. We do not knowingly collect personal data from children through the website.
Where a service involving a minor is lawfully requested, it will be provided only after the necessary legal requirements and authorisations have been verified.
17. Automated Decision-Making
Solo Capital does not make decisions producing legal or similarly significant effects solely through automated processing.
Recruitment, investment and polygraph-related assessments involve human review.
18. Third-Party Websites
Our website may contain links to third-party websites. Solo Capital is not responsible for the privacy practices, security or content of external websites.
Visitors should review the privacy policies of those websites before providing personal information.
19. Changes to This Privacy Policy
We may update this Privacy Policy where our services, processing activities or legal obligations change.
The current version will be published on www.solocapital.bg, together with its effective date. Material changes may also be communicated through an appropriate additional notice.
20. Contact Us
For questions, requests or complaints concerning this Privacy Policy or the processing of personal data, please contact:
Solo Capital Ltd.
Email: jobs@solocapital.bg
Telephone: +359 898 531 692
Website: www.solocapital.bg

bottom of page