Together Sofia (referred to as “Together Sofia”, “we”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you participate in our events or use our website. We aim to be transparent and comply with the European Union General Data Protection Regulation (GDPR) and other applicable data protection laws.
Together Sofia is currently operated by Mike Smid as an individual, with plans to register as Together Sofia LLC. You can contact us at hello@togethersofia.com. We are based in Sofia, Bulgaria.
We only collect personal information that is necessary for organizing our community events and providing a great experience. This may include:
Identity Information: Your full name and date of birth.
Contact Information: Email address and WhatsApp phone number.
Demographic Information: Your nationality and whether you are an expat, digital nomad, tourist, or local resident (your “expat status”).
Event Preferences: Your interests or preferences regarding our events (e.g. which types of events you like to attend).
Social Profiles (Optional): Links to your social media profile(s) if you choose to provide them.
Payment Information: Payment details such as transaction ID or payment method when you purchase event tickets. (Note: Online payments are processed via Stripe through WooCommerce. We do not store your credit card numbers on our servers.)
Cookies and Usage Data: When you use our website, we collect cookies and similar tracking data (see Cookies and Tracking below).
We do not collect any sensitive personal data (such as racial or ethnic origin, political opinions, health information, etc.) unless you voluntarily provide it. If we ever need to handle such data, we will only do so in accordance with the GDPR’s rules for special categories.
We use your personal data only for the purposes you would expect, including:
Event Registration and Management: To register you for the events you sign up for and to manage your attendance (e.g. reserving your spot, checking you in).
Communication: To send you information and updates about the events you’ve joined or expressed interest in (for example, event reminders, schedule changes, or follow-ups). We may contact you by email or WhatsApp for these purposes.
Community Engagement: To personalize your experience and inform you of events that match your preferences. For example, knowing your expat status or interests helps us recommend relevant events or make introductions at events.
Payment Processing: To process payments for event bookings and handle refunds when applicable. (Payments are handled securely via Stripe, and any financial information is processed by Stripe, not by us directly.)
Safety and Well-being: To ensure events are safe and enjoyable for all. For instance, knowing participants’ ages (via date of birth) helps us verify that attendees are adults, and having contact information allows us to reach you in case of event changes or emergencies.
Photos and Media: If you attend our events, we may take photographs or videos that include you. We use these images to share highlights of our events with the community (for example, on our website or social media) and to promote future events. (See Photography Consent below for more details.)
Website Improvement: To analyze how our website is used so we can improve it. We use cookies/analytics for this purpose (as described below).
We will not use your personal data for any purpose that is incompatible with the above. In particular, we do not sell your data to third parties or use it for unsolicited marketing or remarketing outside of Together Sofia’s own event updates.
Under GDPR, we must have a valid legal basis to process your personal data. Depending on the context, our bases include:
Performance of a Contract: When you sign up for an event, we process your data to fulfill our agreement with you (e.g., to reserve your spot and provide the event services).
Consent: We rely on your consent for certain processing, such as including you in event photos or sending you optional newsletters. Where we rely on consent, you have the right to withdraw it at any time.
Legitimate Interests: We may process your data for our legitimate interests, such as improving our events and website or ensuring safety at events, provided these interests are not overridden by your rights and interests. For example, it is in our legitimate interest to use email or WhatsApp to communicate event updates to attendees (as attendees expect these communications).
Legal Obligation: In some cases, we may need to process data to comply with a legal obligation (for example, maintaining transaction records for accounting/tax purposes).
Our website uses cookies and similar technologies to enhance your experience:
We use WordPress (with Elementor) to power our site, which may set functional cookies to remember your preferences or session information.
We use Google Analytics to understand how visitors navigate our website. Google Analytics uses cookies to collect anonymous statistics (such as number of visitors, pages viewed, time spent on pages). This helps us improve the site’s content and layout. Google may store this information on servers outside the EU (e.g., in the USA). However, we do not allow Google to use this data for their own purposes beyond providing us with analytics.
We use the Facebook Pixel on our site. This tool helps us understand the effectiveness of our Facebook/Instagram presence and how visitors engage with our site. While the Facebook Pixel may track some of your browsing data on our site, we currently do not use it for remarketing campaigns (i.e. we are not using it to serve targeted ads to you based on your visit, and we are not providing your personal information to Facebook for marketing beyond the pixel’s standard analytics functionality).
Our use of cookies is based on your consent where required. When you first visit our website, you will see a cookie notice. You can choose to accept or reject non-essential cookies. If you prefer, you can also adjust your browser settings to refuse cookies, though this might affect some functionality of our site.
For more details or any questions about our use of cookies, feel free to contact us. (We may provide a dedicated Cookie Notice on our site with more information.)
We treat your personal data with care and confidentiality. We do not share your personal details with third parties for their own marketing purposes. However, we do share data in the following situations, as necessary for running Together Sofia:
Service Providers: We use trusted third-party services to help operate our community:
Stripe and WooCommerce: for processing online payments. If you pay for an event on our website, your payment details are handled by Stripe (via our WooCommerce platform). Stripe may receive your credit card number and payment details to process the transaction. Stripe is PCI-DSS compliant and handles your financial data securely. We do not see or store your full credit card information.
Email and Communication Tools: We may use email services (such as Gmail or a mailing list service) to send communications. If you join a WhatsApp group for an event, your phone number might be visible to other participants in that group (only for that specific event’s group).
Website Analytics: As mentioned, Google Analytics and Facebook (for the Pixel) process certain usage data when you visit our site.
Event Partners or Venues: For some events, we might partner with a venue or co-organizer. We only share what’s necessary for the event – for example, a venue might receive a first name or a headcount to prepare for our group. Partners are informed that they must protect your data and only use it for the agreed purpose.
Legal Requirements: If we are required by law to disclose information (for example, due to a court order or a lawful request by authorities), we may do so. We will attempt to notify you of such disclosures, unless we are legally prevented or it’s an emergency situation.
Business Transitions: As we plan to transition Together Sofia to a formal company (Together Sofia LLC), your data may be transferred to the new company as part of that process. The same privacy commitments will apply, and we will notify you of any significant changes. In the unlikely event that Together Sofia is involved in a merger, acquisition, or transfer of assets, your data might be transferred to the successor entity. If that happens, we will ensure your data remains protected and inform you about any choices you may have.
In all cases, we require any third parties who handle your data to adhere to strong data protection standards. For example, we have data processing agreements where appropriate, and we only work with companies that commit to GDPR compliance or equivalent protections.
We take reasonable measures to protect your personal data from unauthorized access, loss, or misuse. These measures include:
Using secure, encrypted connections (HTTPS) on our website, so that data you enter (like registration details) is transmitted securely.
Limiting access to personal data to the organizer (Mike Smid) and trusted helpers who need it to manage events. All such persons understand the importance of privacy and are instructed to handle data confidentially.
Keeping our software, website platform, and devices up-to-date with security patches and using reputable security plugins/services as needed.
Relying on secure third-party platforms (like Stripe, WordPress, Google) that invest in strong security measures.
Please note that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the unlikely event of a data breach, we will notify affected users and the appropriate authorities as required by law.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. For example:
If you register for an event, we keep your contact and registration information at least until that event is concluded and any necessary follow-up is done.
If you attend events regularly or are an active community member, we will retain your information to keep you informed of upcoming events, unless you ask us to delete it. We may periodically reach out to see if you still want to remain on our contact list.
We may retain basic contact information (like your name and email) for a reasonable period after your last event, in case you decide to return or if we want to send a brief survey or a community update. You can opt out of these communications at any time.
Financial records of transactions (payments, refunds) are kept as long as needed for accounting and tax obligations.
Photos and videos from events may be kept indefinitely as part of our event archives and promotions, unless you request removal of specific images (see Photography Consent below).
If you request that we delete your personal data, we will do so (aside from data we must keep for legal reasons). Some residual data may remain in backups or archives, but we will not use that data for any active purpose.
As an individual in the EU (or in jurisdictions with similar laws), you have certain rights regarding your personal data. We are committed to upholding these rights. These include the right to:
Access Your Data: You can ask us to confirm if we are processing your personal data and request a copy of that data. This is commonly known as a “subject access request.”
Rectify Your Data: If any of your information is incorrect or out of date, you have the right to have it corrected or updated.
Erase Your Data: You can request that we delete your personal data (the “right to be forgotten”). If you no longer wish to be part of Together Sofia, we will remove your details upon request, provided we don’t have a legal obligation to retain some of it.
Withdraw Consent: If we are processing any of your data based on consent (for example, using your photo in our promotions or sending you a newsletter you signed up for), you can withdraw that consent at any time. Once you withdraw consent, we will stop the specific processing that was based on consent.
Object to Processing: You can object to certain processing activities, such as receiving marketing emails or our processing based on legitimate interests. If you object, we’ll review whether we have any overriding legitimate grounds to continue the processing. If not, or if you object to marketing, we will cease the relevant processing.
Restrict Processing: You have the right to ask us to limit the processing of your data in certain circumstances (for instance, if you contest the accuracy of your data, you can request we restrict use of it until it’s verified).
Data Portability: You can request that we provide your data in a commonly used, machine-readable format so you can transfer it to another service provider if desired (this typically applies to data processed based on consent or contract).
Complain to a Regulator: If you believe your data protection rights have been violated, you have the right to file a complaint with your local data protection authority. In Bulgaria, that is the Commission for Personal Data Protection (CPDP). We would appreciate the chance to address your concerns first, so please consider reaching out to us.
To exercise any of your rights, simply contact us at hello@togethersofia.com. We may need to verify your identity before proceeding with certain requests (to protect your privacy). We will respond to your requests as soon as possible, and at most within the timeframe required by law (usually within 30 days).
Photography and video are part of Together Sofia’s community experience, capturing the fun and connections made at our events. Because of this, we have a photography policy:
Consent to Be Photographed: When you sign up for an event, we ask you to check a box agreeing to possibly being photographed. By attending our events, you acknowledge that you may appear in group photos or candid shots taken by us. We use these photos to showcase our events on our website, social media, or other community materials.
How Photos Are Used: Photos and videos from events may be posted on platforms like Facebook, Instagram, our website, or used in flyers or event recap posts. We strive to choose positive, respectful images that reflect the spirit of our community. We will not digitally alter images to misrepresent anyone.
Opting Out of Photos: We understand not everyone is comfortable being photographed. If you have concerns about appearing in photos, please inform us or the event organizer. We will do our best to accommodate special requests (for example, we can try to position you off-camera for group shots, or be mindful not to focus on you in photos). However, we cannot guarantee you will not appear in any photo, especially in large group scenes or crowd shots.
Requesting Photo Removal: If you see a photo of yourself on our site or social media that you want removed, please contact us. We will honor requests to remove photos that you’re in. This is especially important if you have a privacy or security concern (for example, if you cannot have your image online due to personal reasons). While we reserve the right to use photos taken at events to promote the community, your safety and comfort come first.
Use of Photos After Leaving: If you decide to stop participating in Together Sofia events, photos that include you and were taken while you were an active participant may remain in our archives or past posts. We typically will not retroactively remove or stop using those materials unless you specifically request it or if there’s a compelling reason. We will, however, refrain from using your image in new promotional materials once you have informed us that you no longer wish to appear in photos.
By providing photo consent at sign-up, you help us document and celebrate the Together Sofia experience. We greatly appreciate it, and we handle all media with respect for those involved.
As Together Sofia grows or as laws change, we may update this Privacy Policy from time to time. If we make important changes (especially any that affect your rights or how your data is used), we will notify you either via email (if we have your email on file) or by posting a prominent notice on our website. The “last updated” date at the bottom of this policy indicates when the latest changes were made.
We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued participation in our events or use of our website after any changes indicates your acceptance of the updated policy.
If you have any questions, concerns, or requests regarding your privacy or this policy, please do not hesitate to contact us:
Together Sofia (Attn: Mike Smid)
Email: hello@togethersofia.com
Location: Sofia, Bulgaria
We’re here to help and will gladly answer any questions you have about your data. Your privacy is important to us, and we are committed to building a community you can trust.
Last updated: April 27, 2025
