COMMON PROTECTION POLICY
(Politics / Politics) on Hotel Bellevue
This Policy is intended to ensure that the employees, contractors and customers of Hotel Bellevue (the Organization), in its capacity as Data Controller (ALS), are informed of their personal data processed by the Organization, and ensure the lawful, diligent and transparent processing of personal data.

Personal data is any information related to an individual that may, directly or indirectly, lead to his / her identification. Personal data is the information that, together with other information, may lead to the identification of an identifiable individual. Such information may be name, date of birth, PIN, address, identity document number, telephone number, email address, health status, online identifiers, end-to-end electronic communications data, etc.

The Common Personal Data Protection Policy of the Bellevue Hotel (DPOF) and the Data Protection Policies (Policies) and Personal Data Processing Procedures in the individual processing hypotheses (the Procedures) are designed to ensure the rights of individuals with regard to the protection of their personal data in the processing of the latter by the Organization.

Bellevue Hotel's general personal data protection policy contains the basic rules and informs about:

1. Purposes of processing of personal data;
2. Means of collection and means of processing personal data;
3. Disclosure of personal data;
4. Access to personal data, modification, correction, limitation of processing and deletion of the same, right of appeal to the supervisory authority;
5. Protection of personal data;
6. Use of personal data of children;
7. Transfer of personal data;
8. Ways to contact the organization;
9. Processing and storage deadlines;
10. If you do not provide your personal information.
11. Update and change of the current CPDP as well as the current version.

1. Purposes of processing of personal data.

Hotel Bellevue collects and uses your personal data only for the purposes stated in this Policy.

1.1. Targets of processing the personal data of the clients of Hotel Bellevue

a. Hotel 'Bellevue' Processes personal data for the purpose of offering goods and services to its potential guests. In this connection, Bellevue Hotel can process data about name, PIN, ID, ID, address and / or email address, etc.

b. Hotel 'Bellevue' Processes personal data for its guests for the purposes of execution of the contract / contracts concluded between the Bellevue Hotel and the tourist or tour operator agency, including accounting purposes in connection with the legal obligations of the administrator. For this purpose, the data of the individual may be processed for a name, personal ID or date of birth, identification number, address, email, telephone number, etc.

c. Bellevue Hotel Processes personal data with the explicit consent of the individual for the purposes of marketing research and the supply of additional goods and services to his guests, name, e-mail address, telephone number, technical details of the devices of the individual and others.

d. The Hotel Bellevue processes the personal data of its guests for the purpose of realizing their legitimate interests, including in connection with the execution of a specific contract with a tour operator, including for the purposes of collecting claims, as well as obligations of the administrator deriving from a legal act or ordered by a competent authority. For this purpose, the ALT processes name, PIN, ID number, contract number / client number, address, phone number, email address, etc.

1. Personal data processing, Bellevue Hotel may assign a third party to process personal data outside the structure of an ALS, which provides sufficient guarantees to meet the requirements of the relevant legal framework in the field of personal data protection. Personal data processing activities that the Organization may assign to Personal Data Processing are, for example: accounting and legal services, security and video surveillance, building, supply and maintenance of software products, computer systems, Internet sites, collection of receivables; by selling the claim through a cession contract. In this regard, it shall provide the relevant party to the contract of assignment or the cession contract with the data of the natural person referred to section 'd'.

1.2. Purposes of processing the personal data of the counterparts of Hotel Bellevue, Administrators or personal data processors.

a. Bellevue Hotel Processes personal data of its potential contractors representing administrators or processors of personal data for the purpose of establishing a contractual relationship, offering goods and services, outsourcing activities or taking action on behalf of its potential counterparts, with a clear intention to conclude a contract. In this connection, Hotel Bellevue can process data that personalize the person or his / her representatives, for example: name, telephone number, address and / or email address, etc.

b. Hotel 'Bellevue' processes personal data of its contractors for the purposes of the execution of the concluded / concluded between Bellevue Hotel and the contractor contract / contracts, including for accounting purposes, in connection with the legal obligations of the administrator. For this purpose, data of an individual may be processed for a name, personal ID or date of birth, identification number, address, email, phone number, etc.

c. Bellevue Hotel Processes personal data with the explicit consent of the individual for the purposes of marketing research and the provision of additional goods and services to his counterparts, name, email address, telephone number, technical details of the person's devices, etc. .

d. The Bellevue Hotel processes the personal data of its counterparts for the purposes of the fulfillment of its legitimate interests, including in connection with the execution of a specific contract, including for the purposes of collecting claims, as well as obligations of the administrator deriving from a statutory instrument or order by a competent authority. For this purpose, the ALT processes name, PIN, ID number, contract number / client number, address, phone number, email address, etc.

1. For the purposes of Art. 2.2 of the LPPO, Hotel Bellevue may process personal data of employees of its counterparts or assign to them the processing of personal data of its employees, with the contracting party providing sufficient guarantees of information and valid consent by the employees.

2. Processing of personal data, Hotel Bellevue may assign a third person, representing Personal Data Processing outside the structure of an ALS, which provides sufficient guarantees to comply with the requirements of the relevant legal framework in the field of personal data protection. Personal data processing activities that the Organization may assign to Personal Data Processing are, for example: accounting and legal services, security and video surveillance, building, supply and maintenance of software products, computer systems, Internet sites, collection of receivables; by selling the claim through a cession contract. In this regard, it shall provide the relevant party to the contract of assignment or the cession contract, the data of the natural person referred to in letter 'd'.

1.3. Purpose of processing the personal data of the employees, employees under the civil law relationship of Bellevue Hotel

a. Hotel 'Bellevue' Processes personal data of its potential and potential employees, respectively natural persons engaged in civil relations, for the purposes of personnel selection and the announcement and conducting of a competition for work, as well as application by the natural person for entering the job with the IDA, with a clear intention to sign a contract. In this connection, 'Bellevue' Hotel can process data that individualize the individual, such as: name, telephone, address and / or email address, work experience and professional experience, information on acquired educational qualification degrees, etc.

b. Bellevue Hotel Processes personal data of its employees / employees, respectively, of individuals employed under a civil law contract for the purposes of labor, social and health insurance legislation, including the keeping of a labor file, of the employees under the employment relationship, the payment of remuneration and benefits for temporary incapacity for work and incapacity for work. Next, for the purposes of performance of the contract / contracts, including accounting purposes, in connection with the legal obligations of the administrator, the modification, continuation and termination of legal relations. For this purpose, data of an individual may be processed for a name, personal ID or date of birth, identification number, address, email, phone number, etc.

c. 'Bellevue' Hotel Processes the personal data of its employees, respectively natural persons, engaged in civil relations, for the purpose of realizing their legitimate interests, including in connection with the execution of a specific contract, including obligations of the administrator deriving from a statutory act or order by a competent authority. For this purpose, an ALT handles name, PIN, ID, contract number, address, phone number, email address, etc.

1. Processing of personal data, Bellevue Hotel may assign a third person, representing Personal Data Processing, outside the structure of an ALS, which provides sufficient guarantees to comply with the requirements of the relevant legal framework in the field of personal data protection. Personal data processing activities that the Organization may assign to Personal Data Processing are, for example, accounting and legal services, security and CCTV, building, supply and maintenance of software products, computer systems, Internet sites etc.

2. Means of collection and means of processing personal data.

Hotel Bellevue collects your personal information in the ways specified in this Policy.

2.1. Personal data of our potential and actual guests, contractors, employees / individuals and individuals employed under a civil law relationship can be obtained or collected directly from the person to whom they relate; by another person for whom Bellevue Hotel, its representative or authorized person will notify the data subject; by an authority or an institution, subject to a valid legal basis for the receipt of the data. With a clear intent to enter into a contract or for the purpose of realizing the legitimate interests of an ALS, we can also obtain your personal data through access to public registers.

2.2. Personal data and information about the individual may be filed with us in the form of documents, forms, forms, applications, letters and correspondence. Next, your personal data can be processed at your visit to our hotel, which has an access control system and / or a video surveillance system.

2.3. We may collect or obtain your personal data from our own or our partners' (including cookie) websites, under the terms of this Policy, from your used devices, pages and brands on social networks, and from other sources, where there is a valid legal basis for this and compliance with data protection rules.

Hotel Bellevue processes your personal information with the funds specified in this Policy.

2.4. Non-automated means of processing personal data. Such are all means where the decision to process personal data or to perform a particular processing activity involves human intervention. In a non-automated manner and with non-automated means, we process the received documents in paper and electronic form, including contracts, written or oral correspondence, wishes of data subjects, etc. This type of data processing is done both on paper or other physical media and in the electronic environment, using computer systems and configurations, multifunctional devices such as printers, scanners, copiers and fax machines, as well as by using specialized software such as the accounting software.

2.5. Automated means of processing personal data. These are all means where the decision to process personal data or to perform a particular action on the processing of personal data takes place in the absence of human intervention. Our organization typically does not use fully automatic means of processing personal data. However, for this type of processing, it is possible to accept, for example, receiving information using cookies.

3. Disclosure of personal data.

Hotel Bellevue will disclose, including by providing, your personal data only in the cases specified in this Policy.

3.1. In the presence of a statutory obligation or at the discretion of a competent authority or institution, the ALS will disclose and / or provide your personal data to the appropriate authority or institution or other person.

3.2. Upon your express consent, when entering into or negotiating a contract with Bellevue Hotel.

3.3. In the case of an advantage for the ALS, arising from a statutory provision or other valid legal basis. Also in situations where the life, health, fundamental rights and freedoms of the data subject, third party and group of persons, as well as public health and public order security are endangered.

4. Making access to personal data, changing, correcting, limiting and deleting the same, right to appeal to the supervisor.

4.1. You have the right to request and obtain from Bellevue Hotel a confirmation that personal data relating to you are processed by an ALS.

4.2. You have the right to access data and information relating to the collection, processing and storage of your personal data by an ALS.

4.3. You have the right to receive information on the logic of the processing of your personal data, the purposes and timing of the processing and storage of the data, information on the categories of recipients to whom your personal data may be or have been disclosed or made available for processing, on behalf of the ALD.

4.4. If you do not wish all or any of your personal data to continue to be processed and / or stored by Hotel Bellevue in the event that there is no obligation for an ALS to continue processing and / or storing the data or absent an overriding legitimate interest in ALT to continue the processing and / or storage of personal data, you may object to the processing or request to restrict or terminate the same, and to delete your data. This objection, respectively, may be made in respect of all or some of the processing hypotheses, both for the full amount of personal data and for part of it.

4.5. You have the right to request from an ALS to update, correct or supplement your processed personal data.

4.6. You may request the deletion, limitation of the processing or return of your personal data, and the ALS will be required to fulfill your request in the event that:

• personal data is no longer needed for the purposes for which it was collected or otherwise processed;

• You withdraw your consent on which the processing of the data is based and there is no other legal basis for the processing;

• your personal data is being processed unlawfully;

• your personal information must be deleted to comply with a legal obligation under EU law or the law of a Member State that applies to Bellevue Hotel

4.7 ALT is not obliged to erase, restrict or process your personal data when storing and processing it:

• the exercise of the right to freedom of expression and the right to information;

• Compliance with a legal obligation that requires treatment provided for in EU law or the law of the Member State that applies to the Administrator or in the performance of the public interest task or in the exercise of the official authority granted to him;

• for reasons of public interest in the field of public health;

• for purposes of archiving in the public interest, for scientific or historical research or for statistical purposes;

• for the establishment, exercise or protection of legal claims;

• for exercising rights of the data controllers, the natural person having a legal interest over the legal interest.

4.8. In order to exercise the above rights, you must submit a written request to Bellevue Hotel, certifying your identity and describing exactly the basis of your request, which categories of personal data your request relates to, what actions to process and store your personal you make the request. The request under the previous sentence may be made, either in writing to our employee at an office or an office of an ALD, or electronically, subject to the requirements of the Electronic Document and Electronic Signature Act.

4.9. You have the right to file a complaint about the violation of your rights regarding the protection of your personal data with the Personal Data Protection Commission, address: Sofia 1592, 'Prof. Tzvetan Lazarov' № 2 (www.cpdp.bg).

5. Protection of personal data.

5.1 In compliance with the requirements of the General Data Protection Act and the relevant legal framework in the field of personal data protection, Bellevue Hotel regularly conducts audits and analyzes of its activities and carries out a risk and impact assessment for personal data, data and the legal sphere of the data subjects.

5.2. In this regard, Bellevue Hotel introduces and maintains in its organization an adequate level of security and protection of personal data through its implementation of appropriate technical and organizational measures for the protection of personal data and information security.

5.3. Hotel Bellevue conducts regular briefings and training of its employees in order to increase their awareness of their rights and obligations in relation to the processing of personal data as well as the development of the legal framework and technical progress.

6. Use of personal data of children.

6.1 The Bellevue Hotel does not collect or process personal data of children intentionally for any purpose other than the purposes of labor and social security legislation as far as the employees of the ALS are concerned. In these cases, the employee / employee gives consent to the processing.

6.2. Bellevue Hotel collects and processes personal data of children, and the same may happen when visiting an ALD where a video surveillance system is in place. In these cases, the rules and requirements of the CRDD and the relevant legal framework in the field of personal data protection are respected.

7. Transfer of personal data.

7.1 The Bellevue Hotel does not normally transfer personal data outside the Republic of Bulgaria.

7.2. Bellevue Hotel may provide your personal information to the appropriate travel or tour operator agency through which you have requested the use of our services in the event of a contractual or statutory liability for the ALS or in order to realize a preferential interest of the Organization, is necessary for the exercise of your rights.

7.3. ALD may provide your personal data to an insurance company outside the Republic of Bulgaria in the event of an insurance claim or for the exercise of your other rights or in view of legal obligations or preferential interests of an ALS.

8. Organization’s contacts

Aspikor Ltd. UIC 115325125 with headquarters and address of management Plovdiv, 6A Slivnitsa Str., Is a data controller and processes your personal data in a lawful, conscientious and transparent way.

• Contact information:
• Address: 8240 Sunny Beach, hotel 'Bellevue'
• Internet addresses: www.hotelbellevue-bg.com
• Phones 0554 25575
• Data Protection Officer The administrators appoint Yanko Yankov e-mail: dpo@hotelbellevue-bg.com

9. Processing and storage deadlines.

Hotel Bellevue processes and stores your personal data within the deadlines set out in this Common Personal Data Protection Policy or the terms agreed between the parties to the contract or when granting the consent to process the data.

9.1. Bellevue Hotel processes and stores your personal data for terms no longer than is strictly necessary to achieve the purposes of processing your personal data;
9.2. ALT processes the personal data within the statutory time limits where such data exists.
9.3. The deadlines for processing and storing personal data can also be defined between the parties to the contract with the data controllers, in compliance with the data processing objectives and the requirements of the relevant legal framework.

10. In the case that you do not provide us with the necessary personal data according to the purpose of the processing due to the necessity and / or obligation of Hotel Bellevue to process them, we cannot conclude a contract with you, provide you with the desired goods or service.

11. Update and change of the current CPDP as well as its current version.

11.1. Any changes to the DPPD made in the future will be published on the website of Hotel 'Bellevue'
11.2. According to the possibilities for contacting individuals and the nature of the relationship between the ALS and the same, the changes to the DPA, as well as the creation and updating of individual Policies for the processing of personal data will be communicated to the data subjects in a timely manner.

Last modified: 25/05/2018

I am familiar with and understand the Bellevue Hotel's Common Personal Data Protection Policy,

Valcho Valchev – General Manager

Sunny Beach

Date: 25/05/2018

ASPIKOR Ltd. is part of ASPI GROUP. Established in 1999, the company operates in the field of tourism and services.

Her property is Hotel Bellevue /4 */ in the famous Black Sea resort Sunny Beach.

http://www.hotelbellevue-bg.com/

Data Protection Officer

Dear customers and partners,

For us, the protection of personal data is an essential issue and therefore we have taken the necessary measures to provide you with summary information on the processing and protection of personal data from ASPITUR OOD, part of the ASPI GROUP Holding.

I have the responsibility to perform the personal data protection functions of ASPITUR Ltd., part of the ASPI GROUP Holding, and I believe that with the information provided will help you find an answer to all questions concerning your personal data. You can contact my team on all matters relating to the processing of personal data and the observance of your rights.

In the information provided, you will find answers to frequently asked questions, explanations of concepts related to the protection of personal data and other useful information related to the processing of your personal data.

Yanko Yankov – Data Protection Officer

Who can turn to the official?

The Data Protection Officer is appointed in accordance with the provisions of Art. 37 OF REGULATION (EC) No 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC General Regulation on Data Protection - ARPD) in the company ASPITUR OOD, part of the ASPI GROUP Holding.

The duties of the Data Protection Officer include the obligation to protect the rights and interests of data subjects.

The Personal Data Protection Officer may be contacted by all data subjects. Personal data subject refers to any individual to whom personal data refers. These are all citizens of the European Union (EU), whose rights are protected by the ARRD. The protection of personal data applies only to live individuals, as the General Rules exclude from their scope the data on deceased persons. In view of the activity of ASPITUR Ltd., part of the ASPI GROUP holding, these are above all our clients, employees and trade partners.

The Data Protection Officer is responsible for complying with the requirements regarding the application of the rights of the data subjects in the company ASPITUR OOD, part of the ASPI GROUP holding. Your applications relating to the company ASPITUR OOD, part of the ASPI GROUP holding, can be sent directly to the company in one of the following ways:

• Personally at reception at Bellevue Hotel
• By a notarized application sent by post
• By e-mail signed with a qualified electronic signature.

What is the Privacy Officer responsible for ?.

The Data Protection Officer organizes communication and assistance with entities in cases where their rights to the processing of their personal data have been violated and, in the case of the exercise of their rights, under Regulation 2016/679 (General Regulation on the protection of individuals with regard to the processing of personal data) personal data).

These are the following fundamental rights:

• the right to access personal data
• the right to correct personal data
• the right to obtain information about the processing of personal data
• the right to restrict the processing of personal data
• the portability of personal data
• the right to object to the processing of personal data
• the right to refuse automated data processing, including profiling
• the right of deletion (the right to be forgotten)
• the right to receive information in the case of personal data breaches
• the right to withdraw consent to the processing of personal data

Any of these rights may be exercised by the entity by submitting an application.

Applying for personal data

You can file your application with the Data Protection Officer. Your requests will be considered as soon as possible. The person accepting your request (the administrator or the Data Protection Officer) will provide you with information about the measures taken within one month of receiving your exact and understandable application, provided the application is uniquely identified. That period may be extended by a further two months if this is due to the complexity of the case and the number of requests. The Administrator (Personal Data Protection Officer) is required to inform you of any possible extension, within one month of receipt of the application, stating the reasons for such deferment.

If your application can not be identified or is not accurately and comprehensibly formulated, the Administrator or Data Protection Officer will contact you, requesting it to be supplemented, and the one-month deadline for resolving your application until the day of its completion. In this regard, please note that if you do not add your application within a reasonable time, it will not be considered and will be rejected on the basis of Article 12 of the Regulation.

Applications may be submitted in one of the following ways:

• Personally at reception at Bellevue Hotel
• By post with a notary certified statement
• By e-mail via a signed electronic signature application and message.

The answer will be sent to you in the manner specified in the application.

If the administrator cannot take the measures you have requested, you will also be informed not later than one month after receiving your application.

The provision of the requested information on our part as well as the satisfaction of your requests is free of charge. In the case of applications that are unjustified or unreasonable, mainly because they are repeated, the administrator is entitled:

(a) require a corresponding fee, including administrative costs incurred in connection with the provision of the requested information or message or in connection with the action taken

Or

(b) reject the request.

How to contact the Privacy Officer

By mail, at: BULGARIA 8240 Sunny Beach Hotel 'Bellevue'

Data Protection Officer

• Through an email message signed with a qualified electronic signature at:

dpo@hotelbellevue-bg.com

• Personally at reception at Bellevue Hotel

Please consider the following information regarding the processing of the personal data you will provide in connection with the processing of your application, signal or request:

The processing of personal data is carried out in order to comply with the legal provisions relating to the exercise of your rights under Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC. We will use your personal information to verify your identity and to properly review your request. Your data and media will be stored in your personal data protection system for the duration of your request and will then be kept for 5 years from reviewing your application in order to provide the relevant evidence at the start of any possible judicial or administrative proceedings. Your personal data will be available to interested companies handling your request as well as to ASPITUR Ltd., part of the ASPI GROUP holding, to which the Data Protection Officer has been appointed.

In this regard, we would like to inform you of your right to ask ASPITUR OOD, a part of the ASPI GROUP holding, to access your personal data, correct or delete it, limit its processing, deposit an objection to its processing, and the right to transfer the data. Further information on the processing of personal data and how to deal with claims for the enforcement of data subjects' rights as well as procedures in the event of a breach of personal data protection can be found on the privacy webpages of ASPITUR Ltd, part of Holding ASPI GROUP.

Login Form
Register Form