LAST UPDATE: March 2019
POLICY FOR PROTECTION OF PERSONAL DATA
THE HOTEL is an administrator of personal data with CPDP and processes the provided data and personal information pursuant to the Personal Data Protection Act and the General Regulation for the Protection of Personal Data (EU) 2016/679.
We, as a personal data administrator, and as a company with many years of experience in the field of tourism, respect the privacy rights of our consumers. This security policy, aims to inform you about the process of collecting, processing, storing, use and redirection of personal data. Therefore, please get acquainted with its content by reading it carefully. If you have questions, you can ask them through Contact Form.
For the purposes of this policy and in accordance with Regulation (EU) 2016/679:
Personal data is any information relating to an individual who is identified or can be identified directly or indirectly by an identification number or by one or more specific features. The data may relate to facts (for example – name, e-mail address, location or date of birth) or an opinion on the actions or behavior of the Data subject. Personal data administrator is a natural or legal person, a public body, an agency or a another structure which, alone or jointly with others, determines the purposes and means of processing of personal data; where the objectives and means of such processing are determined by European Union’s law or the law of a Member State, the administrator or the specific criteria for his determination may be laid down in Union law or in the law of a Member State;
Processing of personal data is any action or set of actions that can be taken perform with respect to personal data by automatic or other means, such as collecting, recording, organizing, storing, adapting or modifying, restoring, consulting, use, disclosure by transmission, dissemination, provision, updating or combining, blocking, deletion or destruction.
Processing of personal data
To provide and improve our services and administration, we store, use and process personal data as we take into account the applicable legal requirements.
TYPES OF PERSONAL DATA TO BE TREATED
The types of personal data the administrator collects and processes are different according to the purposes for processing:
The types of data collected according to their purpose are as follows:
1. To make a booking request and confirmation, the HOTEL collects and processes the following types of data:
a/ When booking via web site:
– Name and surname of the contact person;
– e-mail address and contact person’s phone;
b / When booking by phone:
– a contact phone number and an e-mail address to confirm the reservation
– Name and surname of the contact person;
This data is stored until the reservation is made. Then the data is deleted, its subsequent processing is impossible.
2. For the purpose of accommodating guests at the HOTEL, the administrator processes and stores the following data:
– PIN / PNH ;
-Name of the person (for Bulgarian citizens – in Cyrillic alphabet, for foreigners – in Latin, according to the national document);
– Date of birth;
– ID card / valid national identity document;
– Country that issued the national document.
The data collected for registration at the hotel is collected on the basis of Art. 116, paragraph 2 of the Law on Tourism and are necessary for keeping a register for accommodated tourists. The data is stored for a period of 5 (five) calendar years.
3. For the purposes of the realization of corporate or personal events in the HOTEL are processed and stored the following data:
– Two names of the organizer of the event. In case of corporate events contact person, indicated by the organizer of the event;
– email address and phone of the contact person
These data are stored up to three calendar years after the event is realized.
PRINCIPLES OF PROCESSING
When processing personal data we comply with the following principles:
– Legality – in the collection, processing and storage of your data, we observe the provisions of applicable Bulgarian and European legislation;
– Relevance of treatment to objectives and minimization of data – Data types, which we collect, are minimized according to the purposes for which they are being processed. We process only the data, for which we have the legal rights for its processing or we process the data, for which we have obtained your consent; – storage limitation – process and store received data for a period of time, according to the purposes for which they are needed and your consent.
– User consent for data processing – to use your data for marketing purposes, in order to improve the services we provide to you, we must get your explicit consent for this.
Please note that when you send a request to the HOTEL (for pricing terms, for booking, clarification about a reservation already made, an event, and / or other issues related to the services provided by the hotel) You give your consent to the HOTEL to store and process the personal data provided by you for the purpose of fulfilling your request.
PROTECTION OF PERSONAL DATA
Privacy of personal data
We use electronic methods for processing personal data in order to ensure accurate and rapid provision of services and consumer assistance.
The process of processing your personal data provided to the HOTEL is processed in compliance with the applicable data protection legislation, such as THE HOTEL respects your privacy. The HOTEL ensures that the persons authorized from processing the personal data, have committed to confidentiality, or are required to do so to observe confidentiality.
SECURITY OF PERSONAL DATA
THE HOTEL applies technical and organizational security measures in order to protect the personal data you have provided from: accidental or unlawful destruction, accidental loss, unauthorized access, alteration or distribution, as well as other illegal forms of processing by unauthorized persons. The security measures we apply, are subject to constant improvement and adaptation to up to date technologies.
The collected personal data can be provided to partners of the HOTEL, which act as personal data processors on behalf of the HOTEL and are committed to doing so comply with all applicable privacy standards. We keep in mind the condition that the relevant information can only be used within the limitations imposed by the legal basis of which are collected or by yourself consent to the processing performed on behalf of the HOTEL, and that this information should be treated as confidential.
The HOTEL may disclose and provide personal information in accordance with the applicable law if court or administrative authority orders or requests this or the provision of personal data is related to the implementation of a legal obligation of the HOTEL. The data collected for the purposes of the accommodation in the HOTEL is accessible to the third persons designated by the Law on Tourism – Ministry of Tourism, Municipalities, Ministry of Interior, National Agency for Tourism revenues and the National Statistical Institute.
USERS ‘RIGHTS CONCERNING THEIR DATA
1. In accordance with the applicable regulations, you have the right to property and access to the data you provided for processing. By written application through Contact Form, you can get information about the type of personal information provided and the purpose of processing them, and require you to remove any records on your personal information without any further processing. Accessing yours data, you can ask for them to be corrected in case you find errors.
2. Users are entitled to object to the processing of their data.
The objection is addressed to the HOTEL, as per item 1 of this section. THE HOTEL undertook to consider your objection and inform you within 30 calendar days of receiving it the result of the internal check carried out.
3. Users are entitled to complaints to the competent supervisory authority. According to the current regulatory framework, the competent supervisory authority in the Republic of Bulgaria is the Commission for the Protection of the personal data.
4. Users are entitled to receive their data that the HOTEL stores when they are provided in a structured, widely used and machine-readable format.
Users are also allowed to transfer this data to another data administrator without Obstruction on the part of the HOTEL, in the cases and with regard to the data provided through consent in the case of data provided under a contract to which the consumer is a party or data provided in the user’s steps and request for conclusion on contract.
CHANGES IN THE RULES ON PROTECTION OF PERSONAL DATA
Contact with the HOTEL team: