Home / Privacy Policy

Privacy Policy

Last updated: June 12, 2026

1. Who We Are

Noblix ("Noblix", "we", "us") is the data controller responsible for your personal data. We are an AI solutions company.

Data Controller: Noblix (contact: operations@noblixltd.com)

2. What Data We Collect

Contact form

When you contact us, we collect your name, email address, phone number (optional), company (optional), the service you are interested in, and your message.

Job applications

When you apply for a role, we collect your name, email, phone number, the position applied for, your message, and — if you choose to upload one — your CV/résumé.

Technical data

Our servers automatically log your IP address, browser type (user agent), and basic usage data for security and abuse-prevention purposes.

3. How We Use Your Data

  • To respond to your enquiries and provide the services you request.
  • To assess and process job applications.
  • To secure our website and prevent fraud and abuse.
  • To comply with our legal obligations.

We do not sell your data, and we do not use it for advertising or automated profiling.

4. Legal Basis (GDPR Article 6)

  • Consent (Art. 6(1)(a)) — when you submit a contact form or job application.
  • Legitimate interests (Art. 6(1)(f)) — to secure our site and respond to enquiries.
  • Legal obligation (Art. 6(1)(c)) — where retention or disclosure is required by law.

5. Data Storage & Security

All form submissions and applications are encrypted at rest using AES-256-GCM authenticated encryption. Data is stored on servers located within the EU. Access is strictly limited, transport is secured with TLS/HTTPS, and uploaded files are stored outside the public web root.

6. Data Retention

  • Contact enquiries: up to 24 months.
  • Job applications: up to 12 months (unless you ask us to keep your CV on file longer).
  • Server / security logs: up to 90 days.

7. Your Rights

Under the GDPR you have the right to:

  • Access the personal data we hold about you.
  • Rectification of inaccurate or incomplete data.
  • Erasure ("right to be forgotten").
  • Restriction of processing.
  • Data portability.
  • Object to processing based on legitimate interests.
  • Withdraw consent at any time.

To exercise any of these rights, email operations@noblixltd.com. We respond within one month.

8. Third-Party Services

Our website loads two third-party resources to render correctly:

  • Google Fonts — serves the typefaces used on the site.
  • Lucide (unpkg CDN) — serves the icon set.

We use no analytics, no tracking pixels, and no advertising cookies. These providers may receive your IP address as a technical necessity of delivering their files.

9. Cookies

We use a single essential session cookie (PHPSESSID) for security and CSRF protection. We set no analytics or advertising cookies. See our Cookie Policy for details.

10. International Transfers

Your data is processed within the European Economic Area (EEA). Where a third-party resource is delivered from outside the EEA, appropriate safeguards apply.

11. Changes to This Policy

We may update this policy from time to time. The "last updated" date above reflects the latest revision.

12. Contact & Complaints

Questions or requests: operations@noblixltd.com.

You also have the right to lodge a complaint with the Bulgarian supervisory authority, the Commission for Personal Data Protection (CPDP)cpdp.bg.