The HOTEL is a personal data controller at CPDP and processes the data and personal information provided in accordance with the Personal Data Protection Act and the General Data Protection Regulation (EU) 2016/679.
This Privacy Policy applies the HOTEL and its official website.
We, as data controllers and professionals, with many years of experience in the field of tourism, respect the privacy of consumers. This security policy aims to inform you about the process of collecting, processing, storing, using and redirecting personal data. Therefore, please read the content carefully by reading it. If you have any questions, you can ask them via the Contact Form on the site.
Definitions
For the purposes of this Policy and in accordance with Regulation (EU) 2016/679:
Personal data is any information relating to an individual who is identified or can be identified directly or indirectly by an identification number or by one or more specific attributes. The data may relate to facts (for example, name, e-mail address, location or date of birth) or to an opinion about the data subject’s actions or behavior.
A data controller is a natural or legal person, public body, agency or other entity that alone or jointly with others determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for determining it may be laid down in Union law or in a Member State;
Personal data processing is any act or set of actions that may be performed in relation to personal data by automatic or other means, such as collection, recording, organizing, storing, adapting or modifying, restoring, consulting, using, disclosing by transmission , distribute, provide, update, or combine, block, delete, or destroy.
Processing of personal data
In order to secure and improve the services we provide and for the purposes of administering resources to them, we store, use and process personal data in compliance with applicable legal requirements.
TYPES OF PERSONAL DATA TO BE PROCESSED
The types of personal data controller collects and processes vary according to the purpose for which they are collected and grounds for processing them,
the types of data collected according to their objectives are:
- To implement the application and confirm the reservation, the hotel collects and processes the following types data:
a / When booking through the website:
– Name and surname of the contact person;
– e-mail address and telephone number of the contact person;
b / When booking by phone:
– telephone for feedback and e-mail address for confirmation of reservation
– Name and surname of the contact person;
This data is stored until the reservation is completed. The data is then deleted and their subsequent processing is impossible.
- For the purposes of accommodation of guests in the HOTEL, the administrator processes and stores the following data:
– PIN
– Name of the person (for Bulgarian citizens – in Cyrillic, for foreigners – in Latin, according to the national document);
– Date of birth;
– Gender;
– Citizenship;
– Identity card number / valid national identity document;
– Country issuing the national document.
The data collected for the purposes of hotel registration are collected on the grounds of Art. 116, para 2 of the Law on Tourism and are required for keeping a register for the accommodated tourists. The data is stored for a period of 5 / five / calendar years.
- For the purpose of holding corporate or personal events, the following information is processed and stored in the HOTEL:
– Two names of the person organizing the event. In the case of corporate events, the contact person designated by the legal entity organizing the event;
– contact person’s e-mail address and telephone
This data is stored for up to 3 / three / calendar years after the event.
PRINCIPLES OF PROCESSING
When processing personal data, we comply with the following principles:
– legality – when collecting, processing and storing your data, we comply with the provisions of the applicable Bulgarian and European legislation;
– good faith and transparency – the data we collect, process and comply with this privacy policy that is accessible to each user;
– correlation of processing with the purposes and minimizing the data – the types of data we collect are minimized according to the purposes for which they are processed. The purposes for which your data are processed are those for which we are legally indebted, for which we have a contractual relationship or for which we have obtained your consent;
– storage limit – we process and store the received data for a period of time according to the purposes for which it is needed and according to your consent.
– Consent of data processing users – In order to use your data for marketing purposes, in order to improve the services we provide, we must obtain your explicit consent to do so.
Please note that when you request a HOTEL (for pricing conditions, for reservations, clarification about a reservation already made, for an event and / or other issues related to the services provided by the hotel), you consent to the HOTEL to store and processes the personal information you provide for the purpose of the request.
In this case, your data will be deleted in accordance with applicable regulations and current privacy policy.
PROTECTION OF PERSONAL DATA
Privacy of Personal Data
We use electronic methods for processing personal data in order to provide accurate and prompt service delivery and assistance to users.
The process of processing your personal data provided to the HOTEL is carried out in accordance with the applicable legislation in the field of personal data protection, with the HOTEL respecting your privacy. The HOTEL guarantees that the persons authorized by it to process personal data have committed themselves to confidentiality or are required by law to respect confidentiality.
PERSONAL DATA SECURITY
The HOTEL applies technical and organizational security measures to protect the personal data you provide against accidental or unlawful destruction, accidental loss, unauthorized access, alteration or distribution, as well as from other illegal forms of processing by unauthorized persons. . The security measures we apply are subject to continuous improvement and adaptation to the latest technologies.
The collected personal data may be provided to partners of the HOTEL, who act as data processors on behalf of the HOTEL and have committed themselves to comply with all applicable data protection rules. We comply with the condition that the relevant information can be used only within the limits set by the legal basis on which they are collected or by your personal consent in relation to the processing performed on behalf of the HOTEL, and that this information should be treats as confidential.
The HOTEL may disclose and provide personal information in accordance with applicable law if a court or administrative authority so orders or requires it, or if the provision of personal data is related to the fulfillment of a HOTEL’s legal obligation. The data collected for the purpose of accommodation in the HOTEL is accessible to third parties as defined in the Tourism Act – Ministry of Tourism, Municipalities, Ministry of Interior, National Revenue Agency and National Statistical Institute.
CONSUMER RIGHTS CONCERNING THE DATA
- In accordance with the applicable regulations, you have the right of ownership and access to the data you have provided for processing. By submitting a written application through the Site Contact Form, you can obtain information about the type of personal data provided and the purpose of processing it, as well as requesting that we remove any records of your personal information without further processing. By gaining access to your data, you may request that your data be corrected if you find errors or inconsistencies.
- Consumers have the right to object to the processing of their data. The objection shall be addressed to the HOTEL, in accordance with item 1 of this section. The HOTEL undertakes to consider your objection and to inform you of the outcome of the internal check within 30 calendar days of its receipt.
- Consumers shall have the right to complain to the competent supervisory authority. According to the current legislation, the competent supervisory authority in the Republic of Bulgaria is the Commission for Personal Data Protection.
- Consumers have the right to receive their data stored by the HOTEL when provided in a structured, widely used and machine-readable format. Users are also entitled to transfer this data to another data controller without hindrance by the HOTEL, in the cases and with respect to the data provided by consent, in the case of data provided under a contract to which the user is a party or data provided at taking steps by the user and requesting a contract.
CHANGES IN THE RULES ON THE PROTECTION OF PERSONAL DATA
The HOTEL’s data protection rules may be unilaterally modified by the HOTEL with a view to improving them, offering new services, changing the way we serve and communicating with our customers, and in connection with legislative changes.
When making changes to these privacy policies, the HOTEL informs you of the changes made by posting them on our web site, giving you a reasonable time to familiarize yourself with them, after which they will start to be processed. of your personal information without further notice. If you declare that you reject the changes within this time limit, you will be deemed to have withdrawn your consent to the processing of your personal data and the HOTEL will stop processing them in the future. This may also be related to the termination of your registrations for our games, services, newsletters, etc. for the purposes of which you originally provided us with your personal information.
Contact the HOTEL team
If you have any questions regarding our privacy policies and policies, please send a message via the Contact Form on the site.