We are concerned about your privacy and we are required to protect your personal data. This Privacy Statement tells you how we manage your personal information, your privacy rights, and how the law protects you. . Please read this Privacy Statement carefully before browsing our site or communicating with us.
“Services” means all products, services, content, features, technologies, or features and all related websites, applications, and services offered by us.
“Platform” means websites, mobile apps, mobile sites, or other online properties through which we offer our services.
“Personal data” means any data that contains identifying information (eg name, address, telephone number, email, etc.).
“Data administrator” means a person or company that determines the purposes or means of processing personal data.
1. Who are we?
2. What data do we collect for you?
2.1.1. Data provided through direct interactions.
Request for reservation and contact by contact forms on our platforms.
When making a reservation request we can collect the following information for you:
2.1.2. Information we collect automatically when you use our Services
When you access our Platforms, we automatically collect the following information for you:
We collect specific device information such as operating system, version, unique identifiers. We collect specific device information such as operating system, version, unique identifiers. This data helps us to link the visit to our site with your profile and to always provide you with individual experiences and offers.
Depending on your device permissions, we automatically collect and process information about your actual location. Depending on your device permissions, we automatically collect and process information about your actual location. Your location data helps us offer you the best deals for your location.
Your location data helps us offer you the best deals for your location.
Technical details, including the IP address of your device, time zone, and operating system. We will also keep your booking request (query date), browser type, and version information.
Data generated by users when viewing webpages
We collect information about your activity on our Platform that includes the sites from which you access our Platform, the date and time of each visit you made, searches, ads, or banners you clicked, your interaction with such ads, or ads on the time of your visit, and the order in which you visit the content of our Platform.
Cookies and similar technologies
We use “cookies” to manage user sessions, to keep the selection of your preferences related to the language used. Cookies are small text files transferred from a web server to your device’s hard drive. . Cookies can be used to collect the date and time of website visits, web browsing history, your preferences, and your username. You can set your browser to deny all or some cookies or to alert you when the websites you visit set or have access to cookies. Please note that if you disable or disable cookies, some of our services / Platforms may become inaccessible or may not function properly. For more information about the cookies we use, please see our Cookies Policy and related technologies.
2.1.3. Data from third parties or from publicly available sources
We receive your personal data from different third parties [and public sources] as outlined below:
i. Specific technical data and information on the use of the Services by analysts such as Google, Saycle;
ii. from ad networks
iii.by search providers;
2.1.4.We do not collect personal data that:
reveal racial or ethnic origin;
reveal racial or ethnic origin;
reveal membership of political parties or organizations, associations with religious, philosophical, political or trade union goals;
refer to health, sexual life or the human genome;
3. Do we collect information from children?
Our Services are not intended for children under the age of 16 and do not consciously collect personal data from persons under 16 years of age. If we know that a person under the age of 16 has provided us with personal data we will delete them immediately.
4. Why do we process your personal information?
We will use your information and personal data only when the law permits us. We will most often use your personal information in the following circumstances:
When we need to contact you to send you the offer you have requested
When we need to complete the booking you made.
When it is necessary to protect your legitimate interests to improve our services and provide you with a safe and secure Platform.
When we are obliged to comply with a legal or regulatory obligation.
When we are obliged to comply with a legal or regulatory obligation. . If we do, we will notify you of the purpose and the category of personal data that will be processed at the time you request your consent. Below is a description of how we use your personal information [and which are the grounds we invoke to do it. We also identify what our legitimate interests are].
4.1 To provide feedback.
If you make a reservation request or send us a message via the inquiry form, we use your name, surname, mobile number, and/or email address to identify you and send you the most suitable proposal.
We process the above information for the accurate performance of our agreement with you and based on our legal interest in marketing activities to offer you services that may be of your own interest.
4.2. To improve your user experience in the Platform.
A) We use data generated by users when browsing webpages to:
we offer compliant content, such as giving you more suitable holiday offers.
determine how much time you spend in a Platform, and how you manage the Platform to understand your interests and improve our Services based on this data. For example, we may offer you content to visit based on the content you clicked on.
monitor and report on the performance of our business partners’ campaigns and on internal business analyzes.
Б) We use your location data for the following purposes:
to compile anonymous and aggregated information on the characteristics and behavior of Platform users, including for business analysis purposes, segmentation, and disclosure of anonymous profiles.
improve the performance of our Services, and customize the content we target to you. For example, using your location data, we can send you a specific bid associated with your location.
For example, using your location data, we can send you a specific bid associated with your location.
В) Using the inquiry information you provide, including an email address and a phone number, we reflect the various devices (such as desktops, mobile devices, tablets) you use to access the Platform. Using the inquiry information you provide, including an email address and a phone number, we reflect the various devices (such as desktops, mobile devices, tablets) you use to access the Platform.
We process the above information based on our legitimate interest to improve your experience in the Platform and fully implement our joint venture.
4.3.To provide you with a safe and secure Platform.
А) We use your mobile number, access form data, and unique device identifiers to administer and protect the Platform (including troubleshooting, data analysis, testing, fraud prevention, system support, support, reporting, and acceptance of data).
B) We analyze your communications through our feedback function to prevent fraud and to promote safety by blocking spam or offensive messages that may have been sent to you by any other user.
We process the above information for the full and accurate execution of our joint venture, to improve our Services and our legitimate interest in preventing fraud.
6. Your rights
In certain circumstances, you have the rights under the applicable privacy laws and your personal data.
If you wish to exercise any of the rights listed below, please select your account settings / privacy settings or contact us via contact form or by email firstname.lastname@example.org:
Right to request access to your personal data (commonly referred to as “data subject request”). This enables you to obtain a copy of the personal information that we store and to verify that it is legally processed.
Right to ask for a correction of your personal information we have for you. This allows you to correct any incomplete or inaccurate data we have for you. However, we may need to check the accuracy of the new data you provide us with.
Right to request the limitation of the processing of your personal data. This allows you to contact us with a request to suspend the processing of your personal data in the following hypotheses: a) if you want to prove the accuracy of the data; b) when you believe that the use of our data is illegal; c) when you require us to store the data, even if you no longer need it, as you need to identify yourself in order to exercise or prove your claims; or (d) when you oppose the use of your data, but we need to verify if we have legitimate reasons to use it.
Right to request the deletion of your personal information. This right allows you to contact us with a request to delete or remove your personal information when there is no good reason to continue processing it. . In addition, you have the right to request to delete or remove your personal data when you have successfully exercised your right to object to processing (see below) when you have doubts that we may have processed your information not in accordance with the law or when required to erase your personal information to comply with legal requirements. Please note that for certain purposes we may be legally obliged to store your personal data (see Section 10).
Right to object to the processing of your personal data when it is based on a legitimate interest (or that of a third party) and has reason for your specific interests, which makes you oppose the processing of your personal data on this basis, that processing violates your fundamental rights and freedoms. You have a right to object when processing your personal data for the purposes of direct marketing. In certain cases, we can prove that we have compelling legitimate reasons to process the information about you that waives your right of objection.
You may request the transfer of your personal data to you or a third party. We will provide you with either a specified third party that you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right applies only to automated information for which you have originally consented to use or which we have used to conclude a contract with you.
You have the right to withdraw your consent to the processing of your personal data at any time. This is without prejudice to the lawfulness of the processing we have already done on the basis of your prior consent.
No fee is normally required: You have no obligation to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your application is clearly unfounded, repetitive, or excessive. We may refuse to fulfill your request under these circumstances.
7. Communications and marketing
We will contact you by email or by calling our Services and your inquiry through our platforms. As it is imperative to provide you with such messages at your request, you may not be given the opportunity to opt-out of receiving them.
You may request that we stop sending you marketing communications at any time by clicking the opt-out link in the email or in the SMS sent to you.
You may receive marketing communications from us in the event that:
you have requested such information from us;
use the Platform or Services;
You provided your data when you participated in a contest organized by the Platform; or
you are registered for a promotion.
8. To whom do we share your data?
We may share your personal data with the countries listed below for the purposes listed in Section 4 above.
Our marketing department to contact you for your interest in our services, as well as to send you advertisements related to your interests.
Sales and Reception Department to enter your data into our reservation systems, which is the only way to prove that the reservation made is on your behalf.
Third-Party Service Providers: We use third-party service providers to provide certain parts of our Services, such as the hosting company, the companies that collect and classify marketing data. Service providers may be located inside or outside the EEA.
We conduct inspections of our third-party service providers and require them to respect the security of your personal data and target them in accordance with legal requirements. We do not allow third-party service providers to use your personal data for our own purposes and only allow them to process your personal data for specific purposes only and in accordance with our instructions.
Ad Servers and Analysts: In order to improve our Services, we will occasionally share the non-identifiable information with analytics providers that help us analyze how users use the Platform / Services. We share our information with them in a non-identifiable form for monitoring and reporting on the performance of our business partners’ campaigns and business analysis. For more details on our advertisers and analytics vendors, please see our Cookies Policy and related technologies
Regulators, regulators, and others: We may disclose your personal data to law enforcement, governmental or public authorities, and others like third parties to comply with all legal or regulatory requirements. We may disclose your personal data when such disclosure is necessary for the creation, exercise, or protection of legal claims, whether in court proceedings or in an administrative or extrajudicial procedure. In these cases, we are not obliged to inform users about the disclosure of their personal data to public authorities. In these cases, we are not obliged to inform users about the disclosure of their personal data to public authorities.
We can sell, transfer or merge parts of our business or our assets. We are likely to acquire or merge with other companies. If these changes occur in our activity, new owners may use your personal information in the same way as described in this privacy statement.
Publicly available information: When you post a product for sale through our Services, you may choose to make certain personal information visible to other Platform users. This may include your name, surname, email address, location, and contact number. Please keep in mind that any information you provide to other users may always be shared with third parties, so please do so at your own discretion and at your own risk.
9. International transfers
Every time we transfer your personal data outside of the EEA, we ensure that a similar level of protection is provided, ensuring that at least one of the following safeguards is applied:
We transfer your personal data only to countries that are accepted by the European Commission to ensure an adequate level of protection of personal data. For more details, see the European Commission: Adequacy of personal data protection in non-EU countries.
When we use the services of certain service providers, we can conclude with them specific contracts approved by the European Commission that provide personal data with the same protection they have in Europe For further details, see the European Commission: Example of Third-Party Transfers of Personal Data
When using service providers based in the US, we may transfer data to them if they are part of an EU-US Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the United States. For more details, see the European Commission: EU and US Privacy Agreement.
You can get a copy of the warranties entered by contacting us through the contact form.
10. Where do we store your data and for how long?
The data we collect for you will be stored and processed in and outside the EEA on secure servers in order to provide users with the best user experience. For example: to quickly create websites or mobile apps.
We will only retain your personal data for as long as necessary to meet the purposes for which we have collected it, including for purposes of compliance with statutory, accounting or reporting requirements.
To determine the appropriate period of privacy, we take into account the amount, nature, and sensitivity of your personal information, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can to achieve these goals by other means and the applicable legal requirements.
In case you have any questions regarding the period of storage of your personal data, please contact us via the contact form or email email@example.com
11. Technical and organizational security measures for processing
All the information we receive for you is stored on secure servers of our hosting provider and we have implemented technical and organizational measures that are appropriate and necessary to protect your personal data. Hotel Camelia continually assesses the security of its network and the suitability of its internal information security program, which is designed to: (a) help protect your data against accidental or unlawful loss, access, or disclosure; (b) identify reasonably foreseeable security risks for our web platforms; (c) minimize security risks, including risk assessment and routine testing. We also ensure that all payment data is encrypted using SSL technology.
Please note that despite the steps taken by us to protect your data, the transfer of data over the Internet or other open networks is never completely protected and there is a risk that your personal data will become available to unauthorized third parties.
12. Links targeting third-party sites
For further information or to exercise your rights, please contact our hotel manager at firstname.lastname@example.org.
For local data protection issues, your local supervisor is:
Personal Data Protection Commission
Address: Sofia, 1592, Tsvetan Lazarov Blvd.
Tel. +359 2 915 3580 Fax +359 2 915 3525
14.2. The administrator takes measures for the protection of the personal data of the users in compliance with the requirements of the Personal Data Protection Act and other applicable provisions of Bulgarian and European law.
14.3. . The user agrees to receive system information and messages that, at the discretion of the Administrator, are useful, informative, or necessary in relation to the Services, including but not limited to information about products or services, updates, new features or services, promotional campaigns, promotions, alterations or technical failures in the operation of the platforms as well as other information from the Administrator and his / her partners to the e-mail address or telephone number indicated by the user in the reservation form. The user can withdraw his / her consent at any time by emailing email@example.com.
14.4. The user agrees to his preferences, to be used for newsletters and other purposes in connection with the Camelia Hotel’s platforms.
14.5. The user’s personal data entered by him on Kamelia’s platforms in connection with making an online offer will remain stored in the system even if the inquiry has not been completed.
14.6. In certain cases, e.g. when the Administrator has reasonable grounds for suspecting the violation of the Terms and Conditions of Use of Platforms, Applicable Laws, or Detecting a Crime or Preventing an Infringement, the Administrator shall have the right to access the User’s personal data.