Privacy Policy

At LED Lights Grow, we do our best to secure your privacy and data security. We pay strict attention to guarantee at all times the safety of your data with us, and only with us.

Your privacy is of first priority for us, and taking care of your privacy is our responsibility. We are located in the Bulgaria, hence we are bound by GDPR (the General Data Protection Regulation). We make regular consultations with our lawyers to stay on top of things, and we keep a close eye on all the data we process.

Be sure your data is protected by us. Go on reading our privacy policy and learn more about when we collect your information, how we protect it, and what we do with it.

This Privacy Policy describes the way how your personal information is collected, used, processed and shared when you make a purchase from or just visit (the “website”). It also lets you know about your rights in relation to your personal information that we hold.


1 What Personal Data we collect, how and why

1.1 Website

  • Our web site uses cookies to collect data about you and your web device (for example, a computer, smartphone, or other device) – see “How do we use cookies and similar technologies” below for more information.
  • We also collect the IP address and geographic location from which you visited our web site, internet connection and browser type, as well as information on how you use our website (for example, which pages you see when you browse and what you click on).
  • This data is collected automatically when you visit our website.
  • Why do we collect this data?We need  this data so that we could learn more about the way how you and other users interact with our website.

1.2 Newsletter

  • If we have your explicit permission, we may send you newsletters for our store, new products and other updates. The context of the newsletter may contain the following information:
    • First & last name
    • E-mail address
  • Why?For newsletters and promotions, and we use your name to personalize these emails. You can at any time get rid of these emails through the unsubscribe link in the bottom, or by contacting us at [email protected]

1.3 Comments, reviews, job applications, etc.

  • We always collect the Personal Data provided by you explicitly by submitting comments, feedback, questions, product reviews or job applications, or when completing any survey or quiz or entering a contest on our website.
  • Why? So that we could respond to those events whenever necessary. We are not  going to use this data to contact you for marketing purposes.

1.4 Customer service

  • We collect your Personal Data when you send us e-mails or something via postal service,
  • Why?To keep record of our correspondence and to respond to you.

1.5 Accounts

  • We require you to create an account when you place an order on our website,. You may as well choose to create an account without placing an order. When you create an account, we collect the following data provided by you to us explicitly:
    • First & last name
    • Address
    • Phone number
    • IP address
    • E-mail address
    • Payment details
    • Password
  • Why?So that we could ship your order to you, to be able to provide customer service to you, and to save time if you decide to place another order in the future. You may close your account at any time by contacting us at [email protected]

To put it in a word, we processes Personal Data for the below listed purposes:

  • Implementation of an agreement (for example: to fulfill your order),
  • To comply with statutory obligations (for example: to keep invoices for tax purposes),
  • the promotion of legitimate interests of Led Lights Grow (for example: fraud prevention),
  • after obtaining customer’s permission (for example: you explicitly subscribe to our newsletter),
  • due to another reason included in Article 6 (1)of the General Data Protection regulation (EU 2016/679).

We would  not intentionally or knowingly collect sensitive personal information about you, i.e., any information that reveals your race or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic information, biometric information used to identify you, and any information concerning your health, sex life or sexual orientation. If you share sensitive personal information with us, we process it and may delete it with the understanding that you explicitly consented to its deletion.


  1. How we use Personal Data

We use your Personal Data so that we could provide rich and interactive experience on our website to you.

Your data will be used to market and sell our products, to provide customer support, to fulfil your order requests and provide invoices, confirmations and updates, to improve and develop our products and website, to make product recommendations, and to send you promotional communications, targeted advertising and relevant offers.

We usually use your Personal Data to respond to your comments, feedback and questions, to notify you about changes to our website, and to provide you with emails, alerts or updates if you have consented to receiving those from us.

The Personal Data collected by us can tell us a lot about how users interact with our website and other marketing communications. We make various data analysis to deepen our understanding of our website users, and we anonymize this data whenever possible (for example: IP anonymization in Google Analytics). We can improve our websites and marketing activities when we better understand usage behaviour.

Whenever legally required to do so, we will use Personal Data to comply with our legal obligations and any applicable laws and regulations.


  1. Where we store and process Personal Data

Our location is in Bulgaria, with a global reach. To market and sell our products online, we usually use third party service providers that collect and process certain Personal Data on our behalf. Those third parties have servers located in  the U.S., and they may use servers located in other regions as well – for more information see section “Who we share Personal Data with and why”, below.

If you live in the EEA (European Economic Area), your Personal Data is transferred outside the EEA. We ensure appropriate safeguards to be in place whenever we transfer your data outside the EEA. Third parties who transfer your Personal Data outside the EEA on our behalf always comply with the principles of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. For more information, see .


  1. Who we share Personal Datawith and why

We may share your Personal Data only in cases when we have a legitimate reason to do so. We do not sell or give away your Personal Data.

We usually use a variety of third-party service providers to help us market and sell our products online. We have entered into data processing agreements with all our third-party providers. The following third parties process Personal Data on our behalf:

  • Google Analytics help us for web analytics services. We have configured Google Analytics to anonymize IP addresses so that no personal information may be captured or shared with Google. You can read more about how Google uses your Personal Data here: You can also opt-out of Google Analytics here:


  • BGposts are our shipping carriers to send your order to you. All orders are dispatched from our Oude Pekela distribution centre, so the only data we share with them is the one necessary to print a shipping label for your order and to be able to track the delivery of your order. Please read BGpost’s Privacy Policy here:
  • PayoFix Payments are our payment provider for credit card payments (Visa and Mastercard).
  • We use different share buttons (Facebook’s“like” button, Twitter’s “tweet” button, Pinterest’s “pin” button and LinkedIn’sshare button). Even if you do not click on these plug-ins, they may collect information about you, such as your IP address and the pages that you are viewing. They also may set and/or access a cookie. These plugins are governed by the privacy policy of the companies which provide


  1. How long we retain Personal Data

In no case will we retain your Personal Data for longer than necessary for the purposes set out in this policy, or longer than is required by (tax) law. Different retention periods apply for different types of data, but the longest period we will hold any Personal Data is 5 years.

  • Information about accounts: We store your account-related data as long as you keep the account active. When you close the account, the related data will be deleted within a reasonable period. Requests for inspection or correction of stored Personal Data, or the removal of an account can be sent to: [email protected]
  • Newsletter information: We will keep your data in our newsletter database until you revoke your consent. One can easily revoke his/her consent by using the unsubscribe option below each email, or by contacting us at [email protected]


  1. How we keep your Personal Datasecure

We apply a range of measures to keep your Personal Data safe and secure:

  • We have a security manager appointed and he/she is responsible for periodical checking and improving of security measures.
  • We and our third-party service providers always use secure servers to store your Personal Data. SSL (Secure Sockets Layer ) technology is used to encrypt transfers of data to and from our servers and to encrypt payments made on or via our website.
  • We strictly obey all PCI-DSS requirements and implement additional, generally accepted industry standards.
  • Information related to accounts is shielded with a hashing method. This method transforms information into a generated hash. As a result, sensitive information is secured, and is actually invisible to us.
  • Our databases are exceptionally protected against unauthorised access by For example, access to the database is only permitted and possible by approved IP addresses (such as Led Lights Grow offices). Other attempts and addresses are rejected at all times.
  • We require any third parties who carry out any work on our behalf as well as our staff to comply with appropriate compliance standards including obligations to protect Personal Data when using and transferring such data. All third parties mentioned in “Who we share Personal Datawith and why” are screened, GDPR compliant, and are provided with a processor agreement.
  • Staff has access to personal information only in such an extend that is strictly needed for their jobs. Access to Personal Data is allowed only to staff of Led Lights Grow who are employed in the departments Sales & Marketing, Customer Service, Logistics & Procurement, E-commerce, ICT and Management Team

Should a data breach occur to jeopardize the security of your Personal Data, we will work with our third-party service provider(s) to address the breach. In case of a data breach of sensitive data, we will promptly notify users within 72 hours of discovery of any such breach.


  1. How to access and control your Personal Data

Do not hesitate to contact us at any time to request access to, deletion of and/or edits to your Personal Data. Please contact us, outlining your request, at [email protected], or at the address provided in the below section “How to contact us”.

At any time you can withdraw your consent for anything you gave consent to. What is more you can object to or restrict our use of your Personal Data.

If you have your customer account on our website, or you have posted any comments, you can request to receive an exported file of your Personal Data.

You have the right also to request that we delete any Personal Data we hold about you, with the exception of the data we are obligated to keep for administrative, legal or security purposes.

In the cases when you request access to your Personal Data, we are required to use all reasonable measures to verify your identity prior to granting access. We do this to protect your data and limit the risk of potential identity fraud/theft or unauthorized access.

In the end, you have the right to contact the privacy or data protection regulator in the country where you are located to make a complaint. You can find a list of all European Data Protection Authorities here:


  1. How we use cookies and similar technologies

We use the following technologies to collect website information:

  • “Cookies” these are data files that are placed on your device or computer and often include an anonymous unique identifier.
  • “Log files” are used to track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
  • “Web beacons,” “tags,” and “pixels” are electronic files which we use to record information about how you browse the Site.

By the use of these cookies and similar technologies on our websites we make it easier for us to:

  • distinguish any user from other users of our websites and help us improve your experience on our websites
  • store user’s preferences and settings, enable users to sign-in to their customer account, and help us provide them with interest-based advertising
  • combat fraud
  • make an analysis of how our website is performing

In the cases when we include links to other websites, those sites will have their own privacy and cookie policies that will govern the use of your Personal Data on those sites. We strongly recommend you to check their policies as we are not responsible or liable for their practices.

Usually web browsers are set up to accept cookies but if you wish to amend your cookie preferences, you can do this through your browser settings. If you choose to turn off certain cookies, it may affect the functionality of our website.

The cookies used by us cannot look into your computer, smartphone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive. If you use a public computer to access our websites, our cookies cannot be used by anyone else who has access to that computer to find out anything about you, except of the fact that the fact that someone using that computer may have visited this site.


8.1 How to control cookies?

Cookies can be controlled and managed in various ways. You should keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Usually most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. More information about how to modify your browser settings or how to block, manage or filter cookies you can find in your browser’s help file or through sites such as: and

A lot of the third-party advertising and other tracking services listed above offer you the opportunity to opt out of their tracking systems. You can read more about the information they collect and how to opt out through the privacy policy links listed above.


  1. Changes to this Privacy Policy

We reserve the right to modify this policy from time to time. When we do, we will provide notice to you by publishing the most current version and revising the date at the top of this page.

In case we make a material change to the policy, we are going to provide additional notice by sending you an email and/or displaying a prominent notice on our websites.

If you continue to use our websites after changes to this policy come into effect, you agree to the revised policy.


  1. How to contact us

Should you have any questions or requests about this Privacy Policy, please do not hesitate to contact our Data Protection Officer at:

  • Email: [email protected]
  • Phone:  +359876756751
  • Office address: DSS Services Ltd , Prezviter Kozma 3, Plovdiv 4000, Bulgaria