PERSONAL DATA PROTECTION POLICY

This Personal Data Protection Policy applies to Aurora Hotel Complex, “St. Constantine and Helena” resort

This personal data protection policy is intended to inform you about the collection, use and transfer of personal data. Please, familiarize yourself with its contents. If you have any questions, you can ask them at the following e-mail address:

In order to ensure the safety of guests, video surveillance with recording is carried out on the territory of “Aurora” hotel & villa. By the act of using our services, guests agree to be recorded.

You can contact us at the following address:
Bulgaria, Varna 9006, “St. Constantine and Helena” resort, for “Aurora” hotel & villa

DEFINITIONS

Personal data is any information relating to an identified or identifiable (directly or indirectly) natural person, by reference to an identification number or to one or more specific indications. The data may relate to facts (for example, name, e-mail address, location or date of birth) or to an opinion concerning the actions or conduct of the Data Subject.

A Personal data administrator is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by the Union or the Member State law, the administrator or the specific criteria for its determination may be laid down in the Union or the Member State law.

Processing of personal data is any operation or set of operations which is performed with the personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution or otherwise making available, updating or combination, blocking, erasure or obliteration.

Direct marketing is a set of activities aimed at improving the quality of the services we offer and tailoring them to the exact needs and interests of our guests, as well as analyzing their satisfaction. This includes activities such as: online advertising campaigns, e-mail marketing, surveys, user profiling, etc.

PROCESSING OF PERSONAL DATA

In order to provide and improve the services we provide and for the needs of administering the resources to them, we store, use and process personal data, complying with the applicable legal requirements.

TYPES OF PERSONAL DATA PROCESSED
The types of personal data that the administrator collects and processes are different, according to the purposes for which they are collected and the grounds for their processing:

The types of collected data according to their purposes are:

1. To process a reservation request and confirmation, we collect and process the following types of data:
a/ When booking via a website:
-First and last name of the contact person;
-e-mail address and telephone number of the contact person;
b/When booking by phone:
– Phone number to stay in touch and e-mail address for confirmation of the reservation;
-First and last name of the contact person;
– This data is stored until the end of the booked stay. After that, the data is erased and its further processing is impossible.
2. For the purposes of accommodating guests in Aurora hotel complex, the administrator processes and stores the following data:
Personal registry number;
– Full name of the person (for Bulgarian citizens – in Cyrillic, for foreigners – in Latin, according to the national document);
Birth date
Sex
Citizenship
ID card number/valid national identity document number;
– Country that issued the national document.
– The data collected for the purposes of hotel registration are collected on the basis of Art. 116, para. 2 of the Tourism Act and are necessary for keeping a register of the accommodated tourists. The data is stored for a period of 5/five/ calendar years.
3. For the purposes of organizing corporate or personal events at Aurora Hotel Complex, the following data is processed and stored:
First and last name of the person organizing the event. In case of corporate events – a contact person specified by the legal entity organizing the event;
-e-mail address and telephone number of the contact person;
This data is stored until the event is being held.

PRINCIPLES OF PROCESSING
When processing personal data, the following principles are observed:
-legality – in the collection, processing and storage of your data, in accordance with the provisions of the applicable Bulgarian legislation and the European directives;
-good faith and transparency – we process the data we collect in accordance with this personal data protection policy, which is available to every user;
– purpose-based processing and use of minimum amount of data – the types of data we collect are kept to a minimum, in line with the purposes for which they are processed. The purposes for which your data is processed are those for which we have obtained your consent.
– data storage limitation – we process and store the data received for a period of time, in accordance with the purposes for which they are needed and in accordance with your consent.
-users’ consent to data processing.
We would like to inform you that when you send an inquiry to Aurora Hotel Complex (for price conditions, for a reservation, for clarification regarding an already made reservation, for holding an event and/or other questions related to the services provided by the hotel) you give your consent to SEASIDE HOTEL MANAGEMENT LTD to store and process the personal data provided by you for the purposes of the inquiry.

PROTECTION OF PERSONAL DATA

The protection of customer information and data is a top priority of SEASIDE HOTEL MANAGEMENT Ltd. The company continuously implements and updates technical and organizational measures to ensure the protection of the customers’ personal data.

PERSONAL DATA SAFETY

SEASIDE HOTEL MANAGEMENT Ltd, implements technical and organizational security measures to protect the personal data you have provided from accidental or unlawful erasure, accidental loss, unauthorized access, alteration or distribution, as well as from other unlawful forms of processing by unauthorized persons. Regular reviews are carried out of all procedures and rules for collecting, storing and processing data, including physical security measures of the systems.
In accordance with the applicable law, SEASIDE HOTEL MANAGEMENT LTD may disclose and provide personal information if a court or administrative authority orders or requires this or if the provision of personal data is related to the fulfillment of a legal obligation. The data collected for the purposes of accommodation in Aurora Hotel Complex are accessible to third parties specified in the Tourism Act – the Ministry of Tourism, the Municipality of Varna, the Ministry of Interior, the National Revenue Agency and the National Statistical Institute.

CONSUMER RIGHTS REGARDING THEIR PERSONAL DATA

As a customer, you have the following rights regarding your personal data:
1. To receive information about your personal data that SEASIDE HOTEL MANAGEMENT LTD processes.
2. To request that your personal data is being corrected when it is inaccurate or should be extended in view of the purposes of processing.
3. Request that your personal data is being deleted only in some of the following cases:
– The data is no longer needed for the purposes for which it was collected or processed;
– Upon withdrawal of the explicit consent, in cases where personal data is processed only on the basis of an explicit consent of a subject;
– There is no legal or contractual basis for their processing; The processing of the data is recognized as unlawful;
– The National or the European legislation requires this.
4. To request that the processing of your personal data is being restricted in some of the following cases:
– Unlawful processing has been found, but you only want the processing of your data to be restricted instead of being deleted;
– In compliance with the rights of data subjects provided in EU Regulation 2016/679.
5. To request the transfer of your personal data concerning you and which you have provided to SEASIDE HOTEL MANAGEMENT LTD, in accordance with the rights of the data subjects provided in Regulation EU 2016/679 in compliance with the rules and procedures of SEASIDE HOTEL MANAGEMENT LTD. Your right to transfer the personal data concerns personal data for which the following conditions apply:
a) the processing of the data is based on your explicit consent or a contractual obligation and
b) the processing is carried out in an automated manner
6. To withdraw your consent to the processing of your personal data when its processing is based solely on your consent.
7. To submit a complaint to the Personal Data Protection Commission if you believe that your rights in relation to the processing of your personal data have been violated.

SUBMITTING A REQUEST

“SEASIDE HOTEL MANAGEMENT” Ltd. provides the following options for submitting requests under EU Regulation 2016/679:
In order to be properly identified and for “SEASIDE HOTEL MANAGEMENT” Ltd. to respond to you correctly, it is necessary to indicate certain mandatory details in the request/application form, such as data from your identity document, telephone number, if you want to provide us with an opportunity to contact you, as well as in what capacity you wish to submit a request to exercise your rights under EU Regulation 2016/679 – for example, client/former client, legal representative, etc. If the information provided is incomplete and/or incorrect, we may not be able to fulfill your request or part of it.
The request can be submitted to the following address: Bulgaria, Varna 9006, St. Constantine and Helena Resort, for Aurora Hotel Complex, or by e-mail: seasidehm@gmail.com

CHANGES IN THE REGULATION OF THE PERSONAL DATA PROTECTION POLICY

These personal data protection policy may be changed unilaterally by “SEASIDE HOTEL MANAGEMENT” Ltd. with a view to their improvement, offering new services, changes in the method of service and communication with our clients, as well as in connection with legislative changes.