Privacy policy & Terms of service

Privacy Policy and Terms and Conditions

PERSONAL DATA PROTECTION POLICY

The HOTEL is a personal data controller registered with the Commission for Personal Data Protection (CPDP) and processes the provided data and personal information in accordance with the Personal Data Protection Act and the General Data Protection Regulation (EU) 2016/679.

This Personal Data Protection Policy applies to the HOTEL and its official website.

As a personal data controller, we respect the privacy of our users. This security policy is intended to inform you about the process of collecting, processing, storing, using, and redirecting personal data. Therefore, please review its content carefully. If you have any questions, you can ask them via the contact form on the website or by email: hotel_paradisebeach@yahoo.com

Definitions

According to this policy and in line with Regulation (EU) 2016/679:

  • Personal Data means any information relating to an identified or identifiable natural person, who can be identified directly or indirectly by an identification number or one or more specific features. The data may relate to facts (e.g. name, email address, location or date of birth) or opinions regarding the data subject’s actions or behavior.

  • Personal Data Controller is a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. When the purposes and means are determined by EU or Member State law, the controller or specific criteria for its appointment may be established by such law.

  • Processing of Personal Data means any operation or set of operations performed on personal data by automatic or other means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, provision, alignment or combination, blocking, erasure, or destruction.

Personal Data Processing

To ensure and improve the services we offer and for the administration of their associated resources, we store, use, and process personal data in compliance with applicable legal requirements.

TYPES OF PERSONAL DATA PROCESSED

The types of personal data the controller collects and processes vary depending on the purposes for which they are collected and the grounds for processing:

  1. For making and confirming reservations, the HOTEL collects and processes:

    • Via the website:

      • Full name of the contact person;

      • Email address and phone number of the contact person;

    • By phone:

      • Phone number and email address for reservation confirmation;

      • Full name of the contact person.
        These data are stored until the reservation is completed, after which they are destroyed and cannot be processed further.

  2. For guest check-in purposes, the HOTEL processes and stores the following:

    • Personal identification number or foreigner’s ID number;

    • Name (in Cyrillic for Bulgarian citizens; in Latin for foreigners);

    • Date of birth;

    • Gender;

    • Nationality;

    • ID/passport number;

    • Issuing country of the ID.
      These data are collected under Article 116, paragraph 2 of the Tourism Act for maintaining a guest register and are stored for 5 calendar years.

  3. For corporate or private events, the following are processed:

    • Full name of the event organizer or a contact person (for corporate events);

    • Email and phone number.
      These data are stored for 3 calendar years after the event.

PRINCIPLES OF PROCESSING

We adhere to the following principles when processing personal data:

  • Lawfulness – We comply with Bulgarian and EU laws during collection, processing, and storage;

  • Fairness and transparency – We process data as described in this publicly available privacy policy;

  • Purpose limitation and data minimization – We collect only necessary data aligned with legal or contractual obligations or with your consent;

  • Storage limitation – We retain data only as long as necessary for their purpose and according to your consent;

  • Consent – We require your explicit consent to use your data for marketing or service improvement.

When submitting a query to the HOTEL (e.g., price inquiries, reservations, event organization, etc.), you consent to the HOTEL storing and processing your data for the purpose of handling your request. Afterward, your data will be deleted in accordance with applicable law and this policy.

PERSONAL DATA PROTECTION

We use electronic methods to process personal data to ensure accurate and quick service and user support. The processing of your data is in accordance with applicable data protection laws, and we ensure that authorized personnel are committed to confidentiality or legally bound to it.

DATA SECURITY

The HOTEL implements technical and organizational security measures to protect your personal data from accidental or unlawful destruction, loss, unauthorized access, alteration, or distribution. Our measures are constantly improved and adapted to current technologies.

Personal data may be shared with HOTEL partners acting as data processors on behalf of the HOTEL, under conditions ensuring compliance with applicable data protection regulations. These partners may use the data only for agreed purposes and must treat it as confidential.

The HOTEL may disclose personal data if required by law or regulatory authority (e.g., court, administrative body) or in fulfillment of a legal obligation. Guest check-in data may be accessed by authorized bodies such as the Ministry of Tourism, municipalities, Ministry of Interior, National Revenue Agency, and National Statistical Institute.

USER RIGHTS REGARDING THEIR DATA

  1. You have the right to access and control your personal data. By submitting a written request through the website contact form, you can:

    • Get details about what personal data we hold and the purpose of processing;

    • Request deletion of your data with no further processing;

    • Request corrections if you identify errors or discrepancies.

  2. You have the right to object to your data processing. Submit your objection as per point 1, and the HOTEL will respond within 30 days with the outcome of the internal review.

  3. You can file complaints with the competent supervisory authority – in Bulgaria, this is the Commission for Personal Data Protection.

  4. You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer them to another controller, when the processing is based on consent or contract.

CHANGES TO THE PERSONAL DATA PROTECTION POLICY

The HOTEL may unilaterally update this policy to reflect improvements, new services, changes in service or communication methods, or legal changes.

Any changes will be announced on our website with reasonable notice. After this period, changes will apply to the processing of your data without additional notice. If you reject the changes, your consent will be deemed withdrawn, and the HOTEL will cease processing your data. This may also result in the termination of your participation in games, services, newsletters, etc., for which you initially provided your data.

CONTACTING THE HOTEL TEAM

If you have questions about our data protection measures or policies, contact us via the website’s contact form or email: hotel_paradisebeach@yahoo.com

TYPES OF PAYMENTS

Payments can be made in 3 different ways:

  1. Electronically via debit or credit card

We accept Visa, Visa Electron, V Pay, MasterCard, MasterCard Electronic, or Maestro cards. When this method is chosen, you will be redirected to our servicing bank’s payment page (DSK Bank) where you enter your card details. If registered for Verified by VISA or MasterCard SecureCode, you will be redirected to your issuer’s authentication page.

Your card data is used only by the intermediary bank and is not stored by us.

Security is ensured via:

  • SSL protocol for encrypted connection between our server and the bank’s page;

  • CVV2 code verification;

  • Authentication via Verified by VISA and MasterCard SecureCode (if registered).

The transaction amount is automatically deducted upon completion of the payment process.

For security reasons, the maximum card payment is BGN 3,000.

  1. Bank transfer

Payment must be made within the deadline provided after booking. After payment, it is recommended to send a copy of the payment receipt to hotel_paradisebeach@yahoo.com, including the booking number as a payment reference.

  1. Cash at the HOTEL reception

For bookings with arrival within 3 days, it is advisable to choose cash payment at reception to expedite processing.

REFUNDS

Reservation and Cancellation Policy:

  • Reservation: When making a reservation, the guest must transfer the amount for the first night via bank transfer within 7 days.

  • Cancellation: The guest may cancel the reservation free of charge up to 30 days before arrival.

  • The guest will be charged two nights if cancelled less than 30 days before arrival.

Last updated: 07/19/2025

© Hotel Paradise Beach Residence

Close