GDPR Compliance & Data Protection Policy

Effective Date: October 2, 2025

At Encharge Ltd. (“we,” “our,” “us”), we are committed to protecting your personal data and respecting your privacy. This GDPR Policy explains your rights under the General Data Protection Regulation (GDPR) and how we comply with it in connection with the Tarsis platform and services (the “Service”).

1. Data Controller

The data controller responsible for your personal data is:

Encharge Ltd.
str. Cherkovna 57, office 19
Sofia, 1505
Bulgaria
VAT: BG202110999
Support: hey@kalo.me

2. What Data We Collect

We collect and process the following categories of personal data:

  • Identity Data: Name, email address, company name, VAT details.

  • Contact Data: Address, phone number, communication preferences.

  • Payment Data: Billing details (via our payment processor).

  • Usage Data: Log files, device information, IP address, browser type, activity within the Service.

  • Customer Content: Data or files you upload or create in the Service.

3. Legal Bases for Processing

We only process your personal data where permitted by GDPR, under the following legal bases:

  • Contractual necessity – to provide the Service you subscribed to.

  • Consent – for optional features such as marketing emails.

  • Legitimate interests – to improve the Service, ensure security, and prevent fraud.

  • Legal obligation – to comply with tax, regulatory, or law enforcement requests.

4. Your GDPR Rights

As an EU/EEA/UK resident, you have the following rights:

  1. Right of Access – Request a copy of your personal data.

  2. Right of Rectification – Correct inaccurate or incomplete data.

  3. Right of Erasure (“Right to be Forgotten”) – Request deletion of your data when it is no longer needed.

  4. Right to Restriction of Processing – Request limits on how we use your data.

  5. Right to Data Portability – Obtain your data in a structured, machine-readable format to transfer to another service.

  6. Right to Object – Object to processing based on legitimate interests, including profiling.

  7. Right to Withdraw Consent – If processing is based on consent (e.g., marketing), you may withdraw at any time.

  8. Right to Lodge a Complaint – With the Bulgarian Commission for Personal Data Protection (CPDP) or your local data authority.

To exercise these rights, contact us at hey@kalo.me.

5. Data Sharing & Transfers

  • We do not sell your data.

  • We may share data with trusted service providers (hosting, payment, analytics, support).

  • If data is transferred outside the EEA/UK, we ensure safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.

6. Data Retention

We retain personal data only for as long as necessary:

  • Account data – kept while your account is active.

  • Billing data – retained for up to 7 years for tax/legal compliance.

  • Customer content – deleted upon account closure or request.

7. Security Measures

We implement industry-standard security measures, including:

  • Data encryption in transit (TLS/SSL).

  • Secure cloud hosting within the EU/EEA.

  • Access controls, monitoring, and intrusion detection.

  • Regular audits and vulnerability testing

8. Data Breach Notification

If a personal data breach occurs that poses a risk to your rights and freedoms, we will notify the supervisory authority within 72 hours and inform affected users without undue delay.

9. Cookies & Tracking

We use cookies and similar technologies for:

  • Authentication and security.

  • Analytics and performance.

  • Personalization of user experience.

For more details, see our Cookie Policy.

10. Contact & Complaints

If you have any questions about this GDPR Policy or wish to exercise your rights, please contact:

Encharge Ltd.
str. Cherkovna 57, office 19
Sofia, 1505
Bulgaria
VAT: BG202110999
Support: hey@kalo.me


You also have the right to lodge a complaint with the Commission for Personal Data Protection (CPDP) in Bulgaria: https://www.cpdp.bg