Privacy Policy

Hotel Adria Policies

This Personal Data Protection Policy aims to inform you about the manner in which we process your personal data in our capacity as a controller, as well as about your rights.We are a sole-owner limited liability company under the name GRANITI Ltd., UIC 121205956, with registered office and management address at: Sofia, 1 Seliolu St., represented by Manager YAKUP BAYRA.Email: manager@hotelarisadria.com


Within the Company, your right to privacy is a top priority and has been embedded in the design and development of our systems. Your right to personal data protection is established as a restriction on processing, so that in all cases you may trust us completely and focus on your pleasant stay in our hotels. By providing us with your information, you place your trust in us, and this makes us assume full responsibility for its lawful processing. We act responsibly and attach great importance to the protection of the personal information you provide when registering as a client of our hotels through our website.


We strive for transparency in the processing of your data. We have written our Privacy Policy and the related documents in clear and accessible language, without overly complicated wording and with sufficient information.


Most importantly, you should understand the information we process and the choices available to you.


This Privacy Policy has been in effect since May 25, 2018.
1. Where this Privacy Policy applies
This Privacy Policy applies to our website and to the applications we use in order to register your reservation at our hotels.


2. Information We Collect
The personal data processed by Graniti Ltd. on our corporate website is as follows: when you enter your details for the purpose of making a reservation at our hotels, we process the following personal data that you provide to us: first name, middle name, last name, email address, address and telephone number.


3. Cookies and other similar data collection technologies. We also use ‘“cookies’” (small text files sent by your computer each time you visit our website) or similar technologies to capture data. When we use ‘“cookies’” or other similar technologies, we use either session cookies (which last until you close your browser) or persistent cookies (which remain until you or your browser deletes them). For example, we use ‘“cookies’” to store your language preferences or other settings so that you do not have to configure them each time you visit the site. Some of the “cookies” we use are associated with your profile (including information about you, such as the email address you provided to us), while others are not. For more detailed information about how we use “cookies”, please review our Cookie Policy. We also receive technical information when you use our website. Each time you use the website, mobile application or another internet service, the system automatically creates and records certain information. Here are some of the categories of information we collect:


Log file data. When you use the website, our servers record information (‘“log data’”), including information that your browser automatically sends whenever you visit a website or that your mobile application automatically sends when you use it. This log data includes your Internet Protocol address, the addresses and activity of the websites you visit, searches, browser type and settings, the date and time of your request, how you used the website, cookie data and device data. If you would like more details about the information we collect, please contact us via the contact form.


Device information. In addition to log data, we collect information about the device through which you use our website, including device type, operating system, settings, unique device identifiers and crash data that helps us understand when something has stopped working. Whether we collect part or all of this information often depends on the type of device you use and its settings. For example, there are different types of information depending on whether you use a Mac or a PC, or an iPhone or an Android phone. To learn more about what information your device makes available to us, please also review the policies of your device manufacturer or software provider.


3. How We Use Information

We process your personal data on the following grounds:
• compliance with legal obligations, including statutory obligations to retain or provide information upon receipt of a relevant order from competent state or judicial authorities, to ensure the exercise of the supervisory powers of competent public authorities, and to fulfil the Company’s legal obligations to notify you of various circumstances related to your rights, the Services provided, or the protection of your data, etc.;
• conclusion and performance of contracts for the provision of the Company’s goods.
• pursuing the legitimate interests of users of the Services and of third parties, such as members, other users, Employers, Representatives of employers, etc.


We process your information for the following purposes:
• pursuant to a specific customer order from you, upon sale, when preparing an offer, or in response to your enquiry concerning the goods and services we offer.


4. How we share Information
Since our goal is to help you reserve your stay easily and conveniently, we share information with certain service providers and partners who help us maintain our services. For more details regarding the sharing of your information with others, please read the following:
• With our service providers and partners
We use third parties to help us operate and improve our services. These third parties assist us with various tasks, including hosting, data maintenance and analytics. When sharing information, we comply with legal requirements and limit such sharing to non-personal information where appropriate.
We follow a strict review process before engaging a service provider or working with any partner. All of our service providers and partners are required to accept strict confidentiality obligations.
• When required by law
We may disclose your information if reasonably necessary: 1. to comply with legal process, such as a court order, subpoena or search warrant, investigation, law-enforcement request or other legal requirement; 2. to assist in the prevention or detection of crime (in each case subject to applicable law); or 3. to protect the safety of any person.
• With consent or upon request
We may ask for your consent to share your information with third parties. In each individual case, we will clarify why we want to share your information.


5. Cross-Border Data Transfers
The Company does not transfer data outside the European Union.


6. Your Rights
As a data subject, you have the right to exercise the rights listed below.


Before you can do so, it is necessary for us to identify you, and this identification will be carried out on site at our reception desks.


The period set out in the Regulation for responding to your request is up to 1 (one) month, which we will observe in accordance with our adopted procedures.


You may submit your request in paper form at our reception desks, and we will notify you, in the manner specified by you, of the outcome of each of your requests in accordance with the GDPR.
List of your rights:
• Right to withdraw your consent to the processing of your personal data at any time in accordance with the requirements of the Regulation;
• Right to rectification of personal data – if you believe there is an error in the personal data collected about you, you may request that it be corrected. You will need to indicate the data you believe to be correct.
• Right of access to your personal data – you have the right to receive confirmation as to whether we process your personal data and, if so, to obtain access to it. Together with the data, we will also provide you with the mandatory information described in Article 15(1) of the Regulation.
• Right to erasure of your personal data – you may request to be forgotten, and we will assess whether the requirements of Article 17 of the Regulation have been met.
• Right to restriction of processing – this means marking stored personal data for the purpose of restricting its processing in the future. If you wish us to retain your personal data without processing it, you may submit a request under this point.
• Right to data portability – you may request that the personal data we have collected about you be provided in a structured, commonly used and machine-readable format. At present, we are unable to transfer your data directly to another controller.
• Right to object – at any time you may object to the processing of your personal data, including profiling and direct marketing.
• Right to request that the Controller of your personal data notify the third parties to whom the Controller has provided your data regarding the rectification, erasure or restriction of the processing of the personal data. In all cases where you exercise any of the above rights, we will notify those third parties of your request.
• You have the right to lodge a complaint with the Personal Data Protection Commission, in the form and with the details established by law.


7. Accuracy of Information
The Company shall not be responsible for the accuracy of the data you provide on our website; therefore, it carries out checks upon your arrival at the reception desks of our hotels. In all cases of suspicion on your part, of established fraud and/or misuse of your personal data, please notify us immediately.


8. How We Protect Your Information
Taking into account the complexity of the issue, we have focused on the following types of personal data protection: physical, personnel-related, documentary, and protection of automated information systems and networks. In applying the new requirements of the Regulation to data transfers, we also use cryptographic protection.


9. How Long We Retain Your Information
We retain your information for as long as necessary for our legitimate interests or as determined by the legislation of the country. Retention period for personal data: the period for which we will retain your personal data is one year, after which it will be destroyed. The period for destruction of your data may be longer than one year in cases where Bulgarian legislation requires this.
Any future changes to this Personal Data Protection Policy will be published on this page. Last update: 23 May 2018.


10. How to Contact Us
If you have any questions regarding this Personal Data Privacy Policy, please send an email to: manager@hotelarisadria.com