Privacy Policy
Last updated: 28 June 2026
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
Peak Care EDPK · UIC/EIK: 208465067
Stragite 08, Apt. 39D · 2770 Bansko, Bulgaria
Email: web@banskoconcierge.com · Phone: +359 895 762 785
Website: banskoconcierge.com
2. General information on data processing
We process our users' personal data only insofar as this is necessary to provide a functional website and our content and services, or where you have given your consent. The legal bases are in particular Art. 6(1)(a) (consent), (b) (contract / pre-contractual measures) and (f) (legitimate interests) GDPR.
3. Hosting & server log files
This website is hosted by Netlify (Netlify, Inc., USA). When the site is accessed, technically necessary data is automatically recorded in server log files (including the anonymised/truncated IP address, date and time, the file requested, the volume of data transferred, the referrer, and browser/operating-system information). This serves the secure and stable operation of the website (Art. 6(1)(f) GDPR). A data-processing agreement is in place with the provider; any transfer to the USA takes place on the basis of appropriate safeguards (including EU Standard Contractual Clauses).
4. Cookies & consent
We use technically necessary cookies to ensure the operation of the website. Cookies and comparable technologies that are not strictly necessary (in particular for reach measurement / analytics) are only used with your explicit consent via our consent banner (Art. 6(1)(a) GDPR, ePrivacy).
Until you give your consent, analytics services remain disabled (default “denied” in Google Consent Mode). You can withdraw your consent at any time with effect for the future by deleting the stored choice in your browser (website data / cookies for banskoconcierge.com) and reloading the page — the banner will then reappear.
5. Google Analytics 4
After your consent, we use Google Analytics 4, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Analytics uses cookies or similar technologies to analyse the use of the website on an anonymised basis (e.g. page views, approximate origin, devices used). We use Google Consent Mode v2: no analytics cookies are set without consent.
The legal basis is your consent (Art. 6(1)(a) GDPR). A transfer of data to Google in the USA cannot be excluded; it takes place on the basis of the EU Standard Contractual Clauses. You can withdraw your consent at any time (see section 4). Further information: Google Privacy Policy.
6. Google Fonts
For the uniform display of fonts, this website embeds fonts from Google Fonts (Google Ireland Limited). When a page is accessed, a connection is established to Google servers, whereby your IP address is transmitted to Google. The legal basis is our legitimate interest in an appealing presentation (Art. 6(1)(f) GDPR). Further information: Google Privacy.
7. Contact & contact form
If you contact us via the contact form or by email, we process the data you provide (e.g. name, email address, message) in order to handle your enquiry. Form submissions are transmitted via a serverless function of our host (Netlify Functions) and delivered to us by email using the email service provider Brevo (Sendinblue SAS, France). The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures / initiation of a contract) or (f) GDPR (handling of enquiries). The data is deleted as soon as it is no longer required for the purpose and no statutory retention obligations prevent deletion.
8. Your rights as a data subject
Under the GDPR you have in particular the following rights:
- Access to the data processed about you (Art. 15 GDPR)
- Rectification of inaccurate data (Art. 16 GDPR)
- Erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
- Withdrawal of consent given, with effect for the future (Art. 7(3) GDPR)
To exercise your rights, an informal message to web@banskoconcierge.com is sufficient.
9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other remedy, you have the right to lodge a complaint with a data-protection supervisory authority if you consider that the processing of your data infringes the GDPR (Art. 77 GDPR).
10. Data security
This website uses SSL/TLS encryption (recognisable by “https://” and the padlock symbol in the address bar) to protect the transmission of your data.
11. Currency of this privacy policy
We adapt this privacy policy as soon as changes to the data processing we carry out make this necessary. The version published on this page at any given time applies.