Privacy Policy and Personal Data
The present policy for the protection of personal data is intended in accordance with the requirements for awareness under Art. 13 and Art. 14 of the General Data Protection Regulation (GDPR) to inform you about the personal data processing activities carried out by Sveti Sveti Constantine and Elena Holding JSC, the purposes for which the data are processed, the measures and guarantees for the protection of the processed data, your rights and the way in which you can exercise them, in accordance with the requirements of Regulation (EU) 2016/679 of the EU of 27.04.2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data. Therefore, please familiarize yourself with its contents by reading it carefully. In case you have questions, you can ask them at the following e-mail address: gdpr@stconstantine.bg
Administrator and contact details.
"Sveti Sveti Konstantin and Elena Holding" JSC, hereinafter referred to only as the "Company", is a legal entity entered in the Commercial Register and the Register of Non-Profit Legal Entities at the Registration Agency with EIC: 813194292 with headquarters and management address: Varna, k.k. St. St. Konstantin and Elena, administrative building, represented by Elena Koseva and Ivelina Shaban in their capacity as executive directors.
"Sveti Sveti Constantine and Elena Holding" JSC is the administrator of the personal data that is processed during or on the occasion of the implementation of the powers assigned to it by Regulation 2016/679 and the Personal Data Protection Act.
Definitions
For the purposes of this policy
Personal data is any information relating to a natural person that is identified or can be identified directly or indirectly by an identification number or by one or more specific characteristics. The data may refer to facts (for example – name, e-mail address, location or date of birth) or to an opinion about the actions or behavior of the Data Subject.
A personal data administrator is a natural or legal person, public body, agency or other structure that alone or jointly with others determines the purposes and means of personal data processing; where the purposes and means of this processing are determined by Union law or the law of a Member State, the controller or the special criteria for its determination may be established in Union law or in the law of a Member State.
Processing of personal data is any action or set of actions that may be performed in relation to personal data by automatic or other means, such as collection, recording, organization, storage, adaptation or modification, recovery, consultation, use, disclosure by transmission , distribute, provide, update or combine, block, delete or destroy.
Direct marketing is a set of activities aimed at improving the quality of the services we offer and aligning them with the exact needs and interests of our guests, as well as analyzing their satisfaction. This includes activities such as: online advertising campaigns, e-mail marketing, surveys, user profiling, etc.
Processing of personal data
In order to provide and improve the services we provide and for the needs of administering the resources to them, we store, use and process personal data in compliance with the applicable legal requirements. Purposes and grounds for processing personal data, categories of processed data. In order to provide and improve the services we provide and for the needs of administering the resources to them, we store, use and process personal data, complying with the applicable legal requirements. For direct marketing purposes, including analyzing and profiling target audiences and to track our customer satisfaction, we process the following data:
- E-mail address
- IP address
- Location
- Language
- Years
- Gender
- Interests
- Behavior of site users www.visitstconstantine.bg
The processing and storage of this data requires the express consent of the data subject. Data processed for direct marketing purposes are stored for a period of 26 /twenty-six/ months or until consent is withdrawn.
The purpose of collecting this data is to provide you with personalized offers and services that meet your needs and expectations.
Processing principles
When processing personal data, we observe the following principles:
legality - when collecting, processing and storing your data, we comply with the provisions of the applicable Bulgarian and European legislation;
good faith and transparency – the data we collect, process and comply with the current privacy policy, which is available to every single user;
relevance of the processing to the purposes and minimization of the data – the types of data we collect are minimized in accordance with the purposes for which they are processed. The purposes for which your data is processed are those for which we have obtained your consent;
storage limitation – we process and store the received data for a period of time, according to the purposes for which they are needed and according to your consent. user consent to data processing - in order to use your data for marketing purposes, in order to improve the services we provide to you, we must obtain your express consent for this.
Electronic (E-mail) newsletter and direct advertising
Please note that when you send an inquiry through the website www.visitstconstantine.bg, you give your consent to Sveti Sveti Constantine and Elena Holding JSC to store and process the personal data provided by you for the purposes of the inquiry.
After sending your inquiry, you will receive from "Sveti Sveti Constantine and Elena Holding" JSC an offer to give your consent to process your data for the following purposes:
for the purposes of direct marketing, as well as to receive newsletters about our current proposed travel ideas and organized games and events;
for surveys regarding your satisfaction with our services;
With our electronic newsletter, we regularly inform you about the offers and services offered in hotels and other entertainment facilities on the territory of the resort. By giving your consent to the processing of your data for the purposes of direct marketing, you will not only receive up-to-date information about our most attractive offers, but you will also contribute to the improvement of our services. By giving your consent, we will present you with information about preferential terms and offers, as well as a wide range of products and services, or direct your attention to those that may be of interest to you. This information may contain references to special offers, new products and new services.
If you wish to receive the electronic newsletter, we will need your valid e-mail address. For those who sign up for our newsletter, we use a so-called double opt-in procedure. This means that after registration, we send you an e-mail to the specified e-mail address, in which we ask you to confirm that you wish to receive a newsletter. If you do not confirm your registration within 2 weeks, your information is blocked and automatically deleted after one month. In addition, we store in each case the IP addresses used and the time of login and confirmation. The purpose of the procedure is to be able to prove your registration and where necessary to clarify any potential misuse of your personal data.
As a subscriber to the e-newsletter, you can at any time withdraw your consent to the processing of your e-mail address for sending the newsletter. Consent can be revoked through the link provided for this purpose in each e-mail newsletter or by sending an e-mail with the title "unsubscribe" to gdpr@stconstantine.bg
Rights of data subjects.
The measures taken to protect personal data in accordance with the requirements of Regulation 2016/679 are aimed at ensuring the rights of the subjects whose personal data are processed, namely:
Right of access. With a written application, you can receive information about the type of personal data provided and the purpose of their processing. The application can be submitted in person at the specified contact address or electronically from the e-mail address you have provided to us as data for processing, at gdpr@stconstantine.bg under the terms of the Law on Electronic Documents and Electronic Authentication Services, the Law on e-governance and the Electronic Identification Act. Your application must contain three names, social security number, contact address, description of the specific request and preferred form of receiving information when exercising your rights, signature, date of submission of the application.
Right to correct inaccurate or incomplete data. By accessing your data, you can request that it be corrected if you find any errors or inconsistencies. Right to erasure (the right to be forgotten), if the conditions of art. 17 of Regulation 2016/679 - after access to your personal data has been granted, you may request that we remove any records of your personal information, without the possibility of further processing
Right to data portability. Users have the right to receive their data, which "Sveti Sveti Konstantin and Elena Holding" JSC stores, when provided in a structured, widely used and machine-readable format. Users also have the right to transfer this data to another personal data controller without hindrance from "Sveti Sveti Konstantin and Elena Holding" JSC, in the cases and in relation to the data provided by consent, in the cases of data provided under contract, under to which the user is a party or data provided when the user takes steps and requests to enter into a contract.
Right to object. Users have the right to object to the processing of their data. The objection is addressed to "Sveti Sveti Constantine and Elena Holding" JSC, in order to obtain access to personal data. "Sveti Sveti Constantine and Elena Holding" JSC undertakes to consider your objection and within 30 calendar days from its receipt, to inform you about the result of the internal inspection.
- Right to restriction of processing within the meaning of Article 18 of Regulation 2016/679.
- Right for the data subject not to be subject to a decision based solely on automated processing including profiling.
Right to appeal to the Personal Data Protection Commission or to the court If you believe that your rights under Regulation 2016/679 have been violated, you can file a complaint with the Commission for the Protection of Personal Data or with the Administrative Court - Varna.
Protection of personal data
Confidentiality of personal data
We use electronic methods to process personal data in order to ensure accurate and fast provision of services and assistance to users. The process of processing your personal data provided to "Sveti Sveti Konstantin and Elena Holding" JSC is carried out in accordance with the applicable legislation in the field of personal data protection, as "Sveti Sveti Konstantin and Elena Holding" JSC respects your privacy.
Personalization and cookies
New technologies enable us to customize our website for each individual client. Cookies are text files containing information that allows the identification of returning users. Cookies are stored locally on the device you use to access our website: www.visitstconstantine.bg and do not cause damage to your system. Cookies free you from the need to enter data more than once, facilitate the transmission of specific content and help to identify your preferences (view and usability settings). Collecting and analyzing this information allows us to improve the electronic services and the overall user experience so that they meet your needs as closely as possible. You can familiarize yourself with the cookies and other technologies we use in our Cookies Policy.
Security of personal data
"Sveti Sveti Konstantin and Elena Holding" JSC implements technical and organizational security measures in order to protect the personal data you have provided from accidental or illegal destruction, accidental loss, illegal access, modification or distribution, as well as from other illegal forms of processing by unauthorized persons.
The security measures we apply are subject to constant improvement and adaptation to the latest technologies. Collected personal data may be provided to partners of "Sveti Sveti Konstantin and Elena Holding" JSC, who act as personal data processors on behalf of "Sveti Sveti Konstantin and Elena Holding" JSC and have undertaken to comply with all applicable norms for the protection of personal data.
We comply with the condition that the relevant information can only be used within the limits set by the legal basis on which it is collected or by your personal consent regarding the processing carried out on behalf of "Sveti Sveti Konstantin and Elena Holding" JSC, and that this information should be treated as confidential.
"Sveti Sveti Constantine and Elena Holding" JSC may disclose and provide personal information in accordance with the applicable law, if a court or administrative body orders or requires this, or if the provision of personal data is related to the fulfillment of a legal obligation of "Sveti Sveti Konstantin and Elena holding JSC.
Changes to the privacy policy
The rules of "Sveti Sveti Konstantin and Elena Holding" JSC for the protection of personal data can be changed unilaterally by "Sveti Sveti Konstantin and Elena Holding" JSC with a view to their improvement, offering new services, changes in the way of service and communication with our customers, as well as in connection with legislative changes.
When making changes to the current rules for the protection of personal data, "Sveti Sveti Constantine and Elena Holding" JSC will inform you of the changes by publishing them on our website www.visitstconstantine.bg, providing you with a reasonable period of time to familiarize yourself with them, after the expiry of which they start to apply to the processing of your personal data, without further notification. If, within this period, you state that you reject the changes, it will be considered that you have withdrawn your consent to the processing of your personal data and "Sveti Sveti Konstantin and Elena Holding" JSC will stop processing them for the future. This may also be related to the termination of your registrations for our games, services, electronic newsletters, etc., for the purposes for which you originally provided us with your personal data.
Contact with the team of "Sveti Sveti Constantine and Elena Holding" JSC, if you have any questions regarding our measures and rules regarding the protection of personal data, please send a message to the following address with the subject "Sveti Sveti Constantine and Elena Holding" JSC - Protection of personal data data": gdpr@stconstantine.bg