Hotel Radik

Sozopol, Bulgaria

Entry-header image

Terms & Conditions

Hotel Radik is managed by Radik 2013 LTD. The privacy and the confidentiality of our customers’ data is of utmost importance to us. We are committed to protecting the privacy and security of the data of all users of the website owned and managed by Radik 2013 LTD.

By making a booking through our website, you agree to the terms and conditions regarding the collection, recording, management, storage, use, blocking, deleting, disclosure and transfer of data in accordance with this Privacy Policy.

We process your personal data exclusively in accordance with the applicable legislation, namely REGULATION (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), the Personal Data Protection Act (PDPA) and the Electronic Commerce Act (ECA).

I. WHO PROCESSES AND BEARS RESPONSIBILITY FOR YOUR PERSONAL DATA

Radik 2013 LTD, UIC 202927240 is a trade company with address: 4 Republikanska Street, Sozopol, Bulgaria
phone: +359 885 033 885
е-mail: radik_sozopol@abv.bg
website: https://hotelradik.bg

The accommodation services that we provide to you require processing of your personal data by Radik 2013 LTD as personal data administrator observing the terms and requirements of the personal data protection rules in accordance with GDPR.

II. PERSONAL DATA PROCESSED BY US

As our customers, regardless of the form of booking – by phone or through website – we process the following personal data:

  • name and family
  • telephone
  • e-mail
  • PIN or NRA (personal identification number of a foreigner)
  • country of residence
  • address, including city and country

When you make a booking through the website from a registered user profile, except the data specified in clause 1, we process the following data:

  • username and password
  • IP addresses and cookies

III.  GROUNDS FOR PROCESSING

Radik 2013 LTD processes your personal data on the grounds of Art. 6, § 1, b. (a); b. (b), b. (c) and b. (f) of GDPR, namely:

  • Art. 6, § 1 b(a) of GDPR – the data subject has given consent to the processing of his or her personal data for receiving commercial messages.
  • Art. 6, § 1 b (b) of GDPR – the processing is necessary for the execution of a contract to which you are a party or in order to take steps in response to your request prior to entering into a contract, incl. in case of booking.
  • Art. 6, § 1 b (c) of GDPR – the processing is necessary for compliance with a legal obligation to which Radik 2013 LTD, is subject, such as accounting obligations for commercial activities, etc.
  • Art. 6, § 1 b (f) of GDPR – the processing is necessary for the purposes of the legitimate interests pursued by Radik 2013 LTD, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

IV. PURPOSES OF THE PROCESSING

A/ For the conclusion or execution of a contract for accommodation services, Radik 2013 LTD perform the following action and process the following personal data:

  • Identification of the customer, incl. through user profile;
  • Updating your personal data;
  • Service and response to customer complaints/inquiries/requests under Art. 15-22 of GDPR / complaints;
  • Settlement of due amounts, in case of existing grounds;
  • Email verification to ensure the security of access to your account data and password resetting.

B/ For the conclusion or execution of a contract for accommodation services, Radik 2013 LTD perform the following action and process the following personal data:

  • Issuing of invoices, drafting providing detailed information, if provided for in the individual contract of the customer;
  • For financial and accounting processing of the contract with the customer and for tax and social security control by the relevant competent authorities;
  • Fulfillment of the obligation of accountability of the Controller by recording legally significant verification data in electronic documents – technical logs.

C/ For the purposes of the legitimate interests of Radik 2013 LTD, namely:

  • Securing all issues related to complaints;
  • Prevention and investigation of fraud in online bookings as well as losses and fraud;
  • Analysis of statistical data.

D/ For marketing purposes:

  • analysis of consumer demand and behavior;
  • sending promotional messages, offers;
  • sending advertising and/or informational messages.

V. MINOR AND UNDER AGED PERSONS

Radik 2013 LTD does not provide services to persons aged under 18.

Persons aged under 18 may use our services only with the assistance of an adult acting as a representative of the minor/under aged person.

If Radik 2013 LTD received information that they have collected personal data from a person aged under 18, these data will be erased, unless the law does not oblige Radik 2013 LTD to store such data and to inform the relevant public authorities.

VI. DATA COLLECTION METHOD

Radik 2013 LTD processes only personal data provided by you – our customer. This means that you are responsible to not provide data of third parties in breach of their rights to protection of personal data. Therefore, each data subject is solely responsible for providing data of third parties without their knowledge or without obtaining their consent in fulfilling the requirements of the applicable data protection legislation, including names, telephone numbers and addresses of recipients of shipments provided to us by a customer.

VII. WHERE DO WE STORE YOUR PERSONAL DATA

The data we collect from you is stored within the European Economic Area (EEA) in compliance with national and European legislation, and in particular REGULATION (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).

VIII. WHO HAS ACCESS TO YOUR PERSONAL DATA

Radik 2013 LTD do not provide your personal data to third parties without legal or contractual grounds and do not disclose data to third countries and international organizations outside the EU and EEA.

Radik 2013 LTD provide personal data to other controllers when required to fulfill legal obligations of the Controller or under contract to provide high-quality accommodation services and related additional services, and for marketing campaigns aimed at improving the quality of the provided accommodation services, namely:

  • Taxi companies;
  • Technical service analysis companies, such as hosting companies;
  • Technical support companies, such as POS systems; CRM and call center system used to manage outgoing and incoming telephone calls for IT support and communication;
  • The banks servicing your payments;
  • Consultants in various fields – legal, accounting, auditing, incl. compulsory collection of receivables, etc.;
  • State administrative bodies – NRA, etc., where applicable in cases provided by the law.

IX. PERIOD FOR PROCESSING AND KEEPING. DESTRUCTION OF DATA

Depending on the type, the grounds and the purposes of the processing, your personal data kept for the periods provided for by the national or EU law, so that the Controller can fulfill the obligations imposed by the law.

  1. 10 years for accounting documents as of the beginning of the year following the year in which the accounting document was issued – two names, PIN or NRA, bank account number.
  2. 5 years from the execution of a specific contract, for monitoring of the execution and securing all matters related to complaints and legal claims – two names, telephone number, address, e-mail.
  3. 3 years from the obtaining of the consent – for e-mail for sending commercial messages and advertisements, information materials, surveys, etc., as well as for cookies and Google Analytics, functionality and efficiency cookies, essential cookies.

The destruction of personal data is done in compliance with the stipulated procedures according to the internal documents of Radik 2013 LTD.

X. SECURITY MEASURES

Radik 2013 LTD have implemented technical and organizational measures to protect your personal data against loss or other forms of unlawful processing in accordance with Art. 32 of GRDP.

Personal data are only accessible on a need-to-know basis to persons having duties related to the provided accommodation services provided. These persons are trained and authorized accordingly.

XI. WHAT ARE YOUR RIGHTS

  1. Right of access:

You have at any time the right to request information about your personal data we keep, about the grounds, the purposes, the processing and storage periods, whether they are provided to a processor or destroyed, etc.

  1. Right to rectification:

You have the right to request rectification of your personal data if they are incorrect, including the completion of incomplete personal data.

  1. Right to erasure (‘right to be forgotten’):

You have the right to request erasure of all your personal data processed by Radik 2013 LTD, unless the processing is necessary for at least one of the following, namely:

a) for exercising the right of freedom of expression and information;

b) for compliance with a legal obligation which requires processing by Union or Member State law to which Radik 2013 LTD are subject;

c) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing;

d) for the establishment of, exercise of or defense against legal claims.

  1. Right to request restriction of the processing

You have the right to request that Radik 2013 LTD limits the processing of your personal data under the following circumstances:

a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;

b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

c) the controller no longer needs the personal data for the purposes of the processing but the individual requires the data to establish, exercise or defend a legal claim;

d) the data subject has objected to the processing on the grounds of Art. 21, § 1 of the GDPR and verification whether the legitimate grounds of the controller override those of the data subject is being carried out.

  1. Right of portability: 

Where Radik 2013 LTD processes your personal data in an automated way on the grounds of your consent or contract, you have the right to request a copy of your personal data in a structured, commonly used and machine-readable format to be transferred to you or to a third party. This includes only the personal data provided by you.

  1. Right to object to the processing on the grounds of a legitimate interest:

You have the right to object to the processing of your personal data on the grounds of a legitimate interest of Radik 2013 LTD. We will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests and rights or for the establishment, exercise or defense of legal claims.

  1. Right to be notified about breach under Art. 34 of the GDPR

When the personal data breach is likely to result in a high risk to your rights and freedoms, Radik 2013 LTD. shall communicate the personal data breach to the data subject without undue delay and with description of the nature of the personal data breach indicating at least:

    1. the name and the contact information of the officer from whom additional information can be obtained;

    2. the likely consequences of the personal data breach;

    3. description of the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

The above information will not be sent in case of personal data breach, if Radik 2013 LTD has fulfilled any of the following conditions:

a) they have implemented appropriate technical and organizational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption; or

b) they have consequently implemented measures that ensure that the high risk to the rights and freedoms of data subjects is no longer likely to materialise; or

c) the notification would involve disproportionate effort.

In the latter case, Radik 2013 LTD will publish the notification on its website so that the data subjects are informed in an equally effective manner.

XII. EXERCISING YOUR RIGHTS

We are very seriously committed to the protection of the personal data, which is why you can always contact us at:

phone: +359 885 033 885;
е-mail: radik_sozopol@abv.bg

Please be aware that when your requests are manifestly unfounded or excessive, in particular because they are repetitive, we can:

  1. charge a fee taking into account the administrative costs of providing the information or communication or taking the action requested; or
  2. to refuse to act on the request.

We will make reasonable efforts to respect your request within 30 days from its application. This period may be extended by two further months where necessary, taking into account the complexity and the number of the requests.

XIII. WITHDRAWAL OF CONSENT

At any time, you have the right to withdraw your consent to the processing of your personal data only for these purposes and this type of personal data necessary to achieve the specific purposes for which we process them on the grounds of Art. 6, § 1, b. (a) of GDPR detailed in sections III and IV of this Privacy Policy.

In case you wish to withdraw your consent to the processing of the following personal data, namely: e-mail for sending commercial messages and advertisements, information materials, surveys, etc., you may submit a written application to the above email.