HOTEL GUEST PRIVACY NOTICE
This document is a privacy notice within the meaning of the General Data Protection Regulation (GDPR). It has been prepared by "Dialma - PS"(hereinafter referred to as the “Hotel Keeper”) specially for the guests of our hotels. Below you will find information:
about the controller in charge of processing of personal data;
about the categories personal data being processed;
about the conditions under which personal data are being processed;
about the purposes and legal grounds for processing;
about the periods of storage and the data security measures being applied;
about the employees’ rights according to GDPR,
and in what cases and under what procedure we share your data with third parties.
WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA?
“Dialma - PS”, registered with the Trade Register under company ID number [EIK] 203232080, having its domiciled and registered office Plovdiv, str. Drin № 46, represented by Petar Stoilov. If you want to receive more information about what data we have collected regarding you, to obtain a copy of the documents containing your personal data or to exercise any of your rights under GDPR as well as if you have doubts that your data are being used in a wrongful manner, you can contact the data protection officer: Petar Stoilov, telephone: 0888 21 05 81, e-mail: email@example.com
WHAT INFORMATION ABOUT YOU WE COLLECT
In the context of our business it is necessary to collect and process information about our guests. The information is collected directly from our guests and it concerns, in particular, your name and other identification data, contact data (e-mail, address, telephone) as well as video depiction as far as certain places on the territory of the Hotel are under video surveillance, which is indicated by the respective information signboards and signs. Lastly, for the sake of the performance of Hotel Keeper’s legal obligations to keep a register of the guests we collect the following data of yours: personal identification number [EGN] / alien’s personal number [LNCh], names, date of birth, sex, nationality, number, validity date and issuing country of you personal ID document.
WHY WE COLLECT YOUR DATA
The main reason why we collect your data is to be able to identify you and to ensure the fulfillment of the commitments made in relation to your booking and stay as well as when filing a complaint in relation to our services, to ensure your security as well as the security of our employees and the hotel equipment. In case that you give your consent your data will also be used to provide information concerning promotions and other information related to our services. The hotel shall process your data also in order to fulfill the obligations arising by virtue of the national legislation, including the Tourism Act.
ON WHAT LEGAL GROUND WE PROCESS YOU DATA
The Hotel Keeper shall process personal data only on a valid legal ground. The legal ground for processing your data is the fulfillment of the commitments we have made to you under the contract for hotel services to which you are a party, mostly in order that we can identify you as a guest of the Hotel. Next, the processing of data is necessary for the protection of your rights as a consumer when filing a complaint in relation to our services. Thirdly, in your capacity of guests of the Hotel we are obliged to collect certain categories of your data in order to fulfill the obligations arising by virtue of the legislation.
Video surveillance as a security business is carried out on the basis of your legitimate interest to protect the security of the site, the hotel equipment inside and our employees as well as your own security. The video surveillance is carried out only in the general access areas designated by the respective signs. In order to ensure that you worry as little as possible we inform you that no video surveillance is carried out in any way whatsoever in the toilets and the rest and relax rooms.
The forms of processing related to e-marketing require your explicit consent to be informed by e-mail, calls and/or SMS of discounts, promotions, lotteries and other marketing activities. You can give your consent by ticking the respective box in the end of this notice.
WHAT MEASURES FOR PROTECTION OF COLLECTED DATA WE APPLY
Protection and security of your data are important for us. In order to avoid any loss, abuse or unauthorized access we apply all reasonable measures and means of protection. Nevertheless, if you suspect any breach we are asking you to contact us immediately by using the stated contact details.
FOR WHAT PERIOD WE KEEP YOUR DATA
Data related to your stay on the territory of the Hotel are kept for a period not longer than what is necessary and in any case for not more than 3 years. Video recordings at the Hotel are kept for a period not longer than what is necessary but in any case for not more than one month after you have checked out of the Hotel unless otherwise required by a law or a piece of delegated legislation. Data processed for e-marketing on the grounds of client’s explicit consent are stored until the consent is withdrawn but for not more than one year after such data are provided unless you have renewed your consent to receive marketing information.
WHAT RIGHTS YOU HAVE UPON PROCESSING OF YOUR DATA
GDPR stipulates a number of opportunities for protection of persons in relation to collection and processing of data and, in particular:
right to access and information concerning the processing of your data;
right to object to the processing where data are being processed on the grounds of company’s legitimate interest;
right to withdraw your consent to the processing of the data where the latter are processed solely on the grounds of your explicit consent;
right to portability of the data being processed on the basis of your right to as depending on your instructions we will provide you with a copy of the same or will automatically transmit them to another organization;
right to rectification in case that the data we store are inaccurate;
right to request “to be forgotten” where the data are processed on the grounds of your consent or the processing is unlawful in principle.
right to file a complaint to a supervisory authority (see more information below).
HOW WE SHARE YOUR DATA WITH THIRD PARTIES
We may make your data available to third parties as follows:
to other hotel keepers where necessary and where permitted according to the law;
to competent tax and other state authorities in case of inspection;
to our partners (e.g. tour operators, accountants, companies for external archive or lawyers and consultants, including in case of litigation);
upon merger or amalgamation your data may be shared with the new owner(s) and you will be given notice of that. In any case your data will not be shared with third parties established outside the territory of the European Economic Area (European Union, Norway, Iceland and Lichtenstein) unless such sharing is expressly permitted by the local legislation and there are adequate protection measures in place.
HOW YOU CAN CONTACT THE COMPETENT SUPERVISORY AUTHORITY
Regardless of the aforesaid in case of complaints you have the right to approach the Personal Data Protection Commission (PDPC):
in person at the following address: 2 Prof. Tsvetan Lazarov Street, city of Sofia;
by mail to the following address: 2 Prof. Tsvetan Lazarov Street, city of Sofia, postal code 1592;
by facsimile at 029153525;
at PDPC’s e-mail: firstname.lastname@example.org;
via PDPC’s website at: https://www.cpdp.bg/.
In view of the requirements of the legislation the above information may be changed by the Hotel Keeper. For any questions and up-to-date information concerning the processing of your data you can contact us by using the specified contact details.