+359 88 8153150 entr.8 bl.525 Ovcha Kupel Sofia 1632

Privacy Policy

About us

This site at https://club.galanto.com is owned by Independent Member of Herbalife Nutrition Galina Mihailova (tel. +359 88 8 153 150) and Anton Ivanov (tel. +359 88 9 920 930), owners of Galanto Ltd. with UIC 203661329, registered personal data controller. We hold a very high level of privacy policy and security in all its aspects. The correspondence email address is club@galanto.com.

What personal information we collect and why

We do not collect personally identifiable information from users or visitors to the site without declaring their consent to it.

Registered users require the default name, email address, website (if any), profile picture avatar (optional), personal account preferences. Self-registration of users is not allowed and is in personal contact with one of the site owners.

It is possible for visitors to collect technical information about cookies and statistics on the site.

In cases where we collect information about a particular event or activity, this is done on a special consent form and may include names, email address, social networking profile, one-time contact number for the specific activity, and the need.


When visitors leave comments on the site, we collect the information displayed in the comment form, as well as the visitor’s IP address and user browser identifier to help detect spam.

An anonymous string based on your email address may be provided to the Gravatar service to verify that you are using it. Gravatar’s privacy policy is here: https://automattic.com/privacy/. Once your comment is approved and this option is set, your profile photo will be visible to the public.


If you are uploading images to the site, you should avoid uploading images with built-in location data (EXIF GPS). Site visitors can download and retrieve location data with this GPS data from images on the site.

Contact forms

The site maintains a request form in which the desired visitor records names, email, telephone, convenient connection time and desired services. The data is used once to establish contact. Uses Google forms, each with a specific purpose and with a statement including time limits for collecting and the ability to withdraw personal information. In the forms, everyone records the personal information they provide by hand, ensuring that we keep contact requests for a specified period of time for customer service purposes and do not use the information they provide for marketing purposes and / or third parties.


By leaving a comment on our site, you can allow your name, email address and website to be stored in cookies. They are for your convenience, so you don’t have to re-fill in your comments when you leave another comment. These cookies will be kept for one year.

If you have an account (the service is available only after a personal contact) and log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal information and is deleted when you close your browser.

When you log in to your site, a few more cookies will save your login information and your preferences for what you see on the screen. Sign-in cookies expire in two days, and screen preferences expire in a year. If you choose the save option, your login information will be kept for two weeks. If you sign out, your login cookies will be deleted.

If you edit or publish an article, an additional cookie will be saved to your browser. It will not contain any personal information, it will simply add the ID of the post you just edited. Expires in one day.

Inserted content from other websites

Articles on this site can be embedded (videos, images, content, etc.). Embedded content from other sites accepts and behaves with the site visitor as a visitor to your own site.

These sites may collect information about you, use cookies, embed additional third-party statistics tools, track how you use these tools, including how you use embedded content if you have an account and are logged in to the site.


By default, WordPress does not collect any analytics data. The site collects the statistics required by the Jetpack app for statistics such as number of visits per day, duration of visits, subscriptions, comments, posts, spam, but without collecting personal data about visitors. ISPs collect analytical data depending on the legislation in the country.

Who we share your data with

We do not share any personal information with third parties except as required by law.

How long we keep your personal data

In cases where we have collected personal data with a specific form, this duration is described in the statement of consent. If not described there, the data shall be retained for up to one month after the specific event, after which it shall be duly destroyed. Data recorded by registered users are stored as they wish and can be withdrawn and deleted at any time within one month.

The records for analysis and statistics are stored within the current year.

If you leave a comment, the comment and its metadata are saved indefinitely. This is so that we can automatically recognize and approve your follow-up comments instead of keeping them in the approval queue.

For users who register on our website (registration is made only after a personal contact), we also store the personal information they provide on their profile. All users can view, edit or delete their personal information at any time (except that they cannot change their username). Only website administrators can view and edit this information. Even administrators cannot see the password of registered users, but can delete it or set a new one-time password.

Your rights over your personal information

If you have an account on this site or have commented on it, you may request to receive a file containing all the information we hold about you, including the information you have provided to us, without a personal password, which we cannot view and respectively to send you. You may also want to delete the personal information we hold about you. However, this does not include data that we are required to store for administrative purposes, for site security purposes, or by law.

How we use your data

We do not transfer any personal data inside or outside the EU or for other third party services.

Visitor comments can be verified through an automatic spam comment checking service.

Your contact information

The Site does not collect contact information beyond the circumstances described herein and does not send unwanted information to persons who have provided contact information of their own volition.

More information

The site complies with the legal framework in the country for e-commerce.

How we protect your personal information

We provide data encryption and two-step authentication. Galanto Ltd. is a personal data controller and complies with its legislation in the country and the EU.

Our processes for personal data incidents

The server administrator receives information about attempts to access the devices and, if necessary, can delete any personal data to prevent them from leaking.

What other sources do we get data from

We do not receive personal information from third parties.

What automatic actions and / or filtering based on personal information we perform with user data
The site does not provide services that include automatic decision making based on personal information.

Herbalife Nutrition Security Policy

As an Independent Member of Herbalife Nutrition, we also comply with the requirements for the collection and processing of personal data and the security policy of Herbalife Nutrition https://www.herbalife.bg/privacy.

Site Add-On Policies


What we collect and store

As you visit our site, we record:

  • Products you have viewed: We may use this functionality to show you products that you have recently opened
  • Location, IP address and browser type: We will use this information for purposes such as tax and shipping calculations
  • Delivery Address: We will ask you to enter it, for example, so that we can evaluate the value of the delivery before placing your order and to send it to you.

We will also use cookies to monitor the contents of your cart as you browse the site.

When you make a purchase from us, we will ask you for information such as name, billing and shipping addresses, email address, phone number, credit card information, or other payment method and, at your option, your account registration information, as a user username and password. We will use this data for some of the following purposes:

  • Sends information about your profile and order
  • Respond to your requests, including requests for refunds and complaints
  • Payment processing and fraud prevention
  • Register an account in our store
  • Complying with our legal obligations, such as calculating tax rates
  • Improve suggestions from our store
  • Sends you marketing messages if you choose to receive them

If you create an account, we will store your name, address, email address and phone number and use them to automatically fill them in for your next orders.

Generally, we store information about you for the minimum required time for the purposes for which we collect and use it. For example, we will store your order data for XX years for tax and accounting purposes. This information includes your name, email address, and billing and shipping addresses.

We will also store comments and feedback if you wish to post them.

Which of our team has access

Our team members have access to the information you provide. For example, store administrators and managers have access to:

Order information: what was purchased, when it was purchased, where it should be shipped and
Customer Information: Your name, email and billing and shipping addresses.

Our team has access to this information so that it can execute orders, make returns and assist.

What we share with others

We share information with third parties that help us provide ordering services; such as shipping address.


In this subsection, you should describe which external payment methods you are working with as they may be processing personal data. PayPal is included as an example, but if you don’t use it, remove it.

We accept payments via PayPal. When we process a payment, some of your information will go through PayPal, including information needed to process the payment, such as the total amount and payer details.

See PayPal’s privacy policy for more details.

Really Simple SSL

Really Simple SSL and Really Simple SSL plugins do not process personally identifiable information, so GDPR does not apply to these plugins or the use of these plugins on your site. You can find our privacy policy here.

WP Smush

Note: Smush does not interact with the end users of your website. The only built-in option in Smush is for newsletter subscription for site administrators only. If you would like to notify your users of this in your privacy policy, you can use the information below.

Smush sends images to WPMU DEV servers to optimize them for use on the network. This includes the transfer of EXIF ​​data. EXIF data will be removed or returned as it was sent. They are not stored on WPMU DEV servers.

Smush uses the Content Delivery Network (CDN). Stackpath can store web site visitor log information, including IP addresses, UAs, referral information, location and ISP of site visitors for up to 7 days. Files and images served by CDN may be stored and served by parties other than yours. Stackpath’s privacy statement can be found here.

Smush uses a third-party email service (Drip) to send information emails to the site administrator. The admin address is sent to Drip and the cookie is set by the service. Only admin information is collected by Drip.


We collect information for visitors who comment on the site that use our Akismet spam protection service. The information we collect depends on how the User uses Akismet for the site, but usually includes the IP address, user agent, referrer, and URL of the commenter’s site (along with other information provided directly by the commenter, such as name, username, email address and comment itself).

Popup Maker

What personal information we collect and why we collect it

Subscription forms

If you submit a subscription form to our site, you will subscribe to us by entering your name, email address and other relevant information.

These subscriptions are used to notify you of related content, discounts & other special offers.

You can unsubscribe or unsubscribe at any time in the future by clicking the link at the bottom of each email.


Cookie Name Usage Time

pum-1414 To prevent multiple pop-ups. 1 day

pum-4312 To prevent multiple pop-ups. 1 day

pum-1079 To prevent multiple pop-ups. 1 month

pum-1299 To prevent multiple pop-ups. 30 minutes

pum-1199 To prevent multiple pop-ups. 30 minutes

pum-1178 To prevent multiple pop-ups. 1 month

pum-1144 To prevent multiple pop-ups. 1 month

pum-1129 To prevent multiple pop-ups. 1 month

We use anonymous cookies to prevent the same pop-up from appearing to users in an attempt to make our users more enjoyable while still delivering time-sensitive messages.

How long we keep your data

The subscriber information is stored in the local database indefinitely for analytic tracking and future export purposes.

The data will be deleted at the user’s request by deletion.

Where we send your data

The popup machine does not send any user data outside the site.

For any questions you may have, do not hesitate to contact us at the top of this page and the site.

Follow by Email