Personal data protection policy
This security policy aims to inform you about the process of collection, processing, storage, use and forwarding of personal data. Therefore, please familiarize yourself with its contents by reading it carefully.
The HOTEL is the administrator of personal data for the CPLD and processes the provided data and personal information in accordance with the Personal Data Protection Act and the General Regulation on the Protection of Personal Data (EU) 2016/679. This Privacy Policy is applied by the HOTEL and its official website. We, as a professional with many years of experience in the field of tourism and as a personal data controller, respect the privacy of users.
In case you have questions, you can ask them through the Contact form on the site.
DEFINITIONS
In terms of this policy and in accordance with Regulation (EU) 2016/679: - personal data is any information relating to a natural person who is identified or can be identified directly or indirectly by an identification number or by one or more specific characteristics. The data may refer to facts (for example – name, e-mail address, location or date of birth) or to an opinion about the actions or behavior of the Data Subject.
A personal data administrator is a natural or legal person, public body, agency or other structure that alone or jointly with others determines the purposes and means of personal data processing; where the purposes and means of this processing are determined by Union law or the law of a Member State, the controller or the special criteria for its determination may be established in Union law or in the law of a Member State; Processing of personal data is any action or set of actions that may be performed in relation to personal data by automatic or other means, such as collection, recording, organization, storage, adaptation or modification, recovery, consultation, use, disclosure by transmission , distribute, provide, update or combine, block, delete or destroy.
Processing of personal data In order to provide and improve the services we provide and for the needs of administering the resources to them, we store, use and process personal data in compliance with the applicable legal requirements.
TYPES OF PERSONAL DATA PROCESSED
The types of personal data that the administrator collects and processes are different, according to the purposes for which they are collected and the grounds for their processing: The types of data collected according to their purposes are as follows
1. To make a request and confirm a reservation, the HOTEL collects and processes the following types of data:
a/ When booking, through the website:
– Name and surname of the contact person;
– e-mail address and telephone number of the contact person;
b/ When booking by phone:
– phone number for feedback and e-mail address for confirmation of the reservation
– Name and surname of the contact person;
These data are stored until the reservation is made. After that, the data is destroyed and their subsequent processing is impossible.
2. For the purposes of accommodating guests in the HOTEL, the administrator processes and stores the following data:
– EGN / LNCH;
– Name of the person (for Bulgarian citizens- in Cyrillic, for foreigners- in Latin, according to the national document);
– Date of birth;
– Gender;
– Citizenship;
– Identity card number/ valid national identity document;
– Country that issued the national document.
The data collected for the purposes of registration at the hotel are collected on the basis of Art. 116, para. 2 of the Law on Tourism and are necessary for keeping a register of accommodated tourists. The data is stored for a period of 5 /five/ calendar years.
PROCESSING PRINCIPLES
When processing personal data, we observe the following principles:
–legality - when collecting, processing and storing your data, we comply with the provisions of the applicable Bulgarian and European legislation;
– good faith and transparency – the data we collect, process and comply with the current privacy policy, which is available to every single user;
–storage limitation - we process and store the received data for a period of time, according to the purposes for which they are needed and according to your consent.
–user consent to data processing - in order to use your data for marketing purposes, in order to improve the services we provide to you, we must obtain your express consent for this.
Please note that when you send an inquiry to the HOTEL (for price conditions, for a reservation, for clarification regarding an already made reservation, for holding an event and/or other questions related to the services provided by the hotel) you give your consent for the HOTEL to store and processes the personal data provided by you for the purposes of the inquiry made.
In this case, your data will be deleted in accordance with the applicable regulations and this privacy policy.
PROTECTION OF PERSONAL DATA
Confidentiality of personal data. We use electronic methods to process personal data in order to ensure accurate and fast provision of services and assistance to users. The process of processing your personal data provided to the HOTEL is carried out in accordance with the applicable legislation in the field of personal data protection, and the HOTEL respects your privacy. The HOTEL guarantees that the persons authorized by it to process the personal data have made a commitment to confidentiality or are obliged by law to respect confidentiality.
SECURITY OF PERSONAL DATA
The HOTEL implements technical and organizational security measures in order to protect the personal data you have provided from accidental or illegal destruction, accidental loss, unauthorized access, modification or distribution, as well as from other illegal forms of processing by unauthorized persons . The security measures we apply are subject to constant improvement and adaptation to the latest technologies.
Collected personal data may be provided to partners of the HOTEL who act as personal data processors on behalf of the HOTEL and have undertaken to comply with all applicable norms for the protection of personal data. We comply with the condition that the relevant information can only be used within the limits set by the legal basis on which it is collected or by your personal consent regarding the processing carried out on behalf of the HOTEL, and that this information should be treated as confidential.
The HOTEL may disclose and provide personal information in accordance with the applicable law, if a court or administrative authority orders or requires this, or if the provision of personal data is related to the fulfillment of a legal obligation of the HOTEL.
The data collected for the purposes of accommodation in HOTELS are available to the third parties defined in the Tourism Act - Ministry of Tourism, Municipalities, Ministry of the Interior, National Revenue Agency and the National Statistical Institute
RIGHTS OF USERS REGARDING THEIR DATA
1. In accordance with current legislation, you have the right to ownership and access to the data you have provided for processing. With a written request through the Contact form on the site, you can receive information about the type of personal data provided and the purpose of their processing, as well as request that we remove any records of your personal information, without the possibility of further processing. By accessing your data, you can request that it be corrected if you find any errors or inconsistencies
2.Users have the right to object to the processing of their data. The objection is sent to the HOTEL, according to item 1 of this section. The HOTEL undertakes to consider your objection and, within 30 calendar days of its receipt, to inform you of the result of the internal inspection
3. Users have the right to appeal to the competent supervisory authority. According to the current regulations, the competent supervisory authority in the Republic of Bulgaria is the Commission for the Protection of Personal Data.
4. Users have the right to receive their data, which the HOTEL stores, when provided in a structured, widely used and machine-readable format. Users have the right to transfer this data to another personal data administrator without hindrance from the HOTEL, in the cases and in relation to the data provided by consent, in the cases of data provided under a contract to which the user is a party or data provided in taking steps on the part of the user and requesting the conclusion of a contract.
CHANGES IN THE RULES FOR THE PROTECTION OF PERSONAL DATA
The rules of the HOTEL for the protection of personal data can be changed unilaterally by the HOTEL in order to improve them, offer new services, changes in the way of service and communication with our customers, as well as in connection with legislative changes.
When making changes to the current rules for the protection of personal data, the HOTEL brings to your attention the changes made by publishing them on our website, providing you with a reasonable period to familiarize yourself with them, after the expiration of which they start to be applied in processing of your personal data, without further notice. If, within this period, you state that you reject the changes, it will be considered that you have withdrawn your consent to the processing of your personal data and the HOTEL will stop processing them for the future. This may also be related to the termination of your registrations for our games, services, electronic newsletters, etc., for the purposes for which you originally provided us with your personal data.
CONTACT WITH THE HOTEL TEAM
If you have any questions regarding our measures and rules regarding the protection of personal data, please send a message through the Contact form on the site.