Privacy Policy
PRIVACY POLICY
Guest House “Katerina” respects the privacy of its clients and ensures the maximum protection of their personal data processed during their stay at the tourist accommodation. This Personal Data Protection Policy has been prepared and is based on the current Bulgarian and European legislation in the field of personal data protection.
Any amendments and additions to the Privacy Policy will be implemented only after the publication of its current content, available through our website: https://katerinaguesthouse.com and on our social network page.
The Privacy Policy is applicable to your personal data if you are an individual or a representative of a legal entity that is a client of Guest House Katerina.
PRIVACY POLICY
ET “NIKA- Nikolay – Arsenov, UIC 202559848 /hereinafter referred to as the “Merchant”/ is the controller of personal data within the meaning of the Personal Data Protection Act and processes the same in accordance with this Act and REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (General Data Protection Regulation), hereinafter referred to as the “Regulation”. This Privacy Policy is intended to inform you what personal data the Merchant collects, how and for what purpose it is used, the conditions under which it is provided to third parties and for what purpose. The Privacy Policy may be amended and updated in order to bring it into line with any changes in the Bulgarian and applicable European legislation, as well as any changes in the Company’s activities.
ET “NIKA- Nikolay – Arsenov has its registered office at : gr. Kocherinovo, municipality. Kocherinovo, ul. “Binyo Ivanov” №16, tel. 0893515150, e-mail: guesthousekaterina@gmail.com. The main activity of the trader is related to the provision of accommodation in the guest house “Katerina “.
How and what data it collects Merchant:
The trader collects personal data that is necessary for the performance of its activities. Personal data is collected personally from data subjects. The customer data collected are: full name, unique citizenship number, ID card number /data are described in the Register of accommodated tourists, according to the Tourism Act/, e-mail address, telephone number, other data.
Purpose of the processing of personal data
Personal data is processed for the following purposes:
- To provide accommodation for tourists, including customer communication needs;
- For communication with representatives of the Merchant’s counterparties – legal entities;
- The data is stored for different periods of time depending on the requirements of the legislation in force:
- Customer-tourist data from the date of the last check-in, unless the data subject requests to be “forgotten” before the expiry of this period.
- We provide the services you have requested, including processing your orders and fulfilling our obligations arising from the contractual relationship between us;
- We provide new information directly related to the services we offer;
- Respond to enquiries and provide you with the information you have requested, including help to resolve issues arising in connection with your enquiries;
- We use re-marketing through trusted sites including Google AdWords and Facebook;
- We are looking for your views or comments on the services and products we provide;
- We perform statistical and other analyses to improve our services;
- Ensure that your interests are safeguarded in connection with your use of our site or services;
- We inform you of changes to our terms and conditions, privacy policy or services.
Provision of personal data to third parties
The trader does not provide personal data to third parties for marketing purposes.
Personal data is provided to the NRA and other statutory recipients where required by law and in compliance with regulatory requirements;
The trader shall provide personal data in the presence of a legal basis for the provision of the data or in the presence of explicit consent from the data subject to:
To the authorities of the Ministry of the Interior – in case of non-fulfilment of established obligations by tourists or in other legally defined cases;
The trader does not provide personal data abroad.
The trader shall in any event take such technical and organisational security measures against unauthorised and unlawful processing, accidental loss, destruction or damage of personal data as may be required, taking into account the state of the art, common practice and legal requirements.
Rights of data subjects
You have the right to know what the Merchant’s privacy policy is through this document.
You have the right to obtain confirmation as to whether and what personal data is being processed about you, you have the right to access that personal data, and you have the right to obtain a copy of the information on paper or electronically (depending on technical capabilities).
You have the right to ask the Merchant to correct your inaccurate personal data without undue delay, and to request that your personal data be updated in the event of a change in them. Given the purposes of the processing, you have the right to have your incomplete personal data completed, including by adding a declaration.
You have the right to request the deletion of your personal data if the legal basis for their processing has ceased or the data are no longer necessary for the Merchant to establish, exercise or defend against legal or other claims.
Where there is no legal basis for processing personal data, you have the right to request restriction of the processing of your personal data, as well as the right to object to the processing. You may withdraw your consent to the processing of traffic data for market research purposes at any time.
You have the right to request the transfer of your personal data to another Controller.
You have the right not to be subject to a decision based solely on automated processing, including profiling. The trader does not apply Automated Individual Decision Making, including profiling.
You may exercise the rights set out in this section by sending your request (and the reason for it) to: guesthousekaterina@gmail.com the Merchant shall ensure the exercise of your rights relating to the protection of personal data within the terms and under the conditions of the Personal Data Protection Act and in accordance with the Regulation.
Any person whose personal data is processed pursuant to this Policy has the right to complain to a supervisory authority (the DPA or the competent Court) in relation to the processing of their personal data.
The provision of personal data by employees of the Merchant is a mandatory legal requirement. The provision of personal data to other data subjects is a contractual requirement. If a data subject does not wish to provide his or her data, no contract may be concluded with him or her and he or she may not be the recipient of any service. The provision of an e-mail address is optional and depends solely on the customer’s wishes.
This Privacy Policy was adopted in May 2018. and shall be updated and/or supplemented from time to time in the event of changes in the legislation of the Republic of Bulgaria or the EU.
In relation to the storage and destruction of personal data, according to Art. 42. (1) (amend. – SG 57/07, in force from 13.07.2007) The accounting information shall be kept in the enterprise in the order provided for in the Law on the National Archive Fund, in the following terms:
- payroll – 50 d.;
- accounting records and financial statements – 10 years;
- tax control documents – up to 5 years after the expiry of the limitation period for the repayment of the public debt certified by these documents;
- financial audit documents – until the next internal audit and the Court of Auditors’ audit;
- all other carriers – 3 years.
Personal data in the guest house “Katerina” is stored as required, in a locked room, without access to outsiders.