Data about the Personal Data Controller:
„INTERHOTEL GRAND-HOTEL SOFIA” AD, UIC 831642594 is a personal data controller with its main scope of business activity in: hotel and restaurant management, foreign economic activity, sale of imported goods and local production, organizing trips at home and abroad, providing transportation, information, utilities, advertising, sports, animation, cultural and other ancillary services related to international and domestic tourism, transactions with foreign currencies, subject to being granted all applicable licenses and permits from the relevant government authorities, as well as other economic activities not prohibited by the laws of the Republic of Bulgaria.
Main economic activity as per the National Classification of the Economic Activities (NCEA): Hotel management
Contact details of „INTERHOTEL GRAND-HOTEL SOFIA” AD, UIC 831642594 and the Board of Directors of the Company:
Head office and registered office: Sofia 1000, Sredetz district, 4 “Narodno sabranie” sq.
Telephone: +359 2 9334 334
„INTERHOTEL GRAND-HOTEL SOFIA” AD processes the following personal data in connection with the provision of tourist services:
- received personally from the subject of the data (the client), including data filled in by the client in brochures of the IGH Reward clubs and Intercontinental Ambassador programmes, provided by „INTERHOTEL GRAND-HOTEL SOFIA” AD, as well as by client-users of the InterContinental Sofia website - sofia.intercontinental.com and the Floret Restaurant and Bar website - www.floret-sofia.com and ador.restaurant.com
- contained in any other documents drawn up in connection with and on the occasion of the provision of tourist services;
- collected as a result of CCTV surveillance.
Personal data we collect from you, as our client, and process is:
Personal data category:
Name, address, data from identification document, phone number, email, bank details, period of stay,video footage recorded by CCTV surveillance cameras.
Personal data and information we collect from you as users of the InterContinental Sofia website - www.sofia.intercontinental.com and the Floret Restaurant and Bar website - www.floret-sofia.com and process is:
- Information about your device, such as IP address, location, type and version of your browser, operating system;
- Information about your stay and behavior on the website, such as the origin of your visit, length of stay, navigation;
- Personal information when signing up for the newsletter, including: name, email address, company, position;
- Personal information when filling out the Floret Restaurant and Bar Reservation Form, including: name, phone, email;
- Personal information, voluntarily provided by the user, when applying for job openings at „INTERHOTEL GRAND-HOTEL SOFIA” AD;
- Information related to your use of the website, including when, how often, and under what circumstances you visit the website;
- Any other personal information you provide to us when contacting us.
„INTERHOTEL GRAND-HOTEL SOFIA” AD does not process special categories of data.
In the cases when we request consent for special (sensitive) personal data „INTERHOTEL GRAND-HOTEL SOFIA” AD will always present motivation on why and how it will use this information. You may withdraw your consent with respect to sensitive data at any time by a written request to the Board of Directors of „INTERHOTEL GRAND-HOTEL SOFIA” AD, in accordance with the Procedure for withdrawal of consent from the data subject.
We declare that the personal data we collect will only be used for the following purposes:
- For the purpose of providing basic tourist services (accommodation, meals, etc.) and additional tourist services (services related to travel, entertainment, happenings and other events as well as cultural and educational events, congress and business events, organization of meetings, conferences , seminars, trainings, presentations, other corporate events, entertainment and other services provided and consumed by tourists during their travel and stay);
- For the purpose of direct marketing and marketing purposes, with the explicit consent of the customer (eg when filling out brochures for IGH Rewards Club and InterContinental Ambassador programs, participation in the newsletters of sofia.intercontinental.com and www.floret-sofia.com etc.);
- For recruitment purposes.
The reason that gives us the right to process your data is:
Processing is necessary in order to provide tourist services and carry out tourist activities within the meaning of Art. 3, para. 2 of the Tourism Act.
All legitimate interests pursued by us or by third parties who work for us are as follows:
Execution of our contractual relations and our implied responsibility from the current Bulgarian legislation in connection with the implementation of tourist activity.
Transfer of personal data within and outside the EU
For the purpose of fulfilling its contractual obligations (in connection with the provision of tourist services), „INTERHOTEL GRAND-HOTEL SOFIA” AD provides personal information to IHG HOTELS LIMITED.
In connection with the provision of direct marketing (subject to the express consent of the user), „INTERHOTEL GRAND-HOTEL SOFIA” AD uses the services of Mailchimp®, part of The Rocket Science Group LLC, and for these purposes „INTERHOTEL GRAND-HOTEL SOFIA” AD provides personal information to Mailchimp®.
All parties to which „INTERHOTEL GRAND-HOTEL SOFIA” AD provides personal data comply with the requirements of Regulation 2016/679 and the applicable written agreements, annexes and contracts signed with „INTERHOTEL GRAND-HOTEL SOFIA” AD regarding data processing and are required to take appropriate technical and organizational measures to protect such personal data.
Use of „Cookies”
„INTERHOTEL GRAND-HOTEL SOFIA” AD finds it necessary to inform you that for the purpose of using services through the websites maintained by the Administrator (www.sofia.intercontinental.com and www.floret-sofia.com ) „INTERHOTEL GRAND-HOTEL SOFIA” AD uses „Cookies” („Cookies”).
Cookies are files containing an identifier (a series of letters and numbers) that is sent from a web server to a web browser and is stored by the browser. Subsequently, the identifier is sent back to the server each time the browser requests a page from the server. Cookies usually do not contain personal information to identify the user, but the personal information we store about you may be related to the information collected and stored by the cookies.
The types of cookies we use on our websites are:
- laravel_session: cookies used for session logging on the site. They do not apply to site visitors but only to the administrative team;
- XSRF-TOKEN: cookies for protecting web forms (reservation form, contact form).
Most browsers allow cookies to be accepted or rejected. Rejection of cookies may limit the functionality of the websites.
Data storage period
„INTERHOTEL GRAND-HOTEL SOFIA” AD will store your personal data no more than the terms established in the laws and regulations of the effective labor, tax and social security legislation, for which the Company has drawn up a specific Schedule for data storage and destruction. The data will be stored in accordance with the Data Storage and Destruction Procedure,
Your rights as a data subject are as follows:
At any time, while we are storing or processing your personal data, you (according to the terminology of the law - data subject) have the following rights:
- you have the right to request a copy of your personal data from „INTERHOTEL GRAND-HOTEL SOFIA” AD and the right to access your personal data at any time;
- you have the right to request from „INTERHOTEL GRAND-HOTEL SOFIA” AD your personal data in a convenient form, so you can transfer your data to another personal data controller, or to request us to do so without being hindered by us;
- you have the right to request that „INTERHOTEL GRAND-HOTEL SOFIA” AD corrects without undue delay your inaccurate personal data as well as data that are no longer up to date;
- you have the right to request that „INTERHOTEL GRAND-HOTEL SOFIA” AD deletes your personal data with no undue delay in the presence of any of the following reasons:
- personal data are no longer needed for the purposes for which they were collected;
- when you have withdrawn your consent;
- when you have objected to processing,
- when processing is unlawful;
- when personal data must be deleted in order to comply with a legal obligation under EU or Member State law that applies to us as a data controller;
- when personal data have been collected in connection with the provision of services to the information society.
We may refuse to delete your personal information for the following reasons:
- when exercising the right to freedom of expression and the right to information;
- to comply with a legal obligation on our part or to perform a task of public interest,
- for reasons of public interest in the field of public health;
- for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes, in so far as deletion is likely to make it impossible or seriously difficult to achieve the purposes of such processing; or for the establishment, exercise or defense of legal claims.
- you have the right to request „INTERHOTEL GRAND-HOTEL SOFIA” AD to restrict the processing of your personal data, in which case the data will only be stored but not processed. Our refusal to restrict will only be expressed in writing, and we must motivate it for a legitimate reason.;
- you have the right to withdraw your consent to the processing of your personal data at any time by a separate request sent to "INTERHOTEL GRAND-HOTEL SOFIA" AD;
- you have the right to object to certain types of processing, such as direct marketing (unsolicited advertising);
- you have the right to object to automated processing, including profiling;
- you have the right not to be the subject of a decision based solely on automated processing involving profiling;
All of the above requests will be forwarded if there is a third party (recipients, including outside the EU and international organizations) when processing your personal data.
You have the right to complain to the supervisory authority
You have the right to file a complaint directly with the supervisory authority, with the competent authority being the Commission for Personal Data Protection, address: 1592 Sofia, Prof. Tsvetan Lazarov № 2 (www.cpdp.bg).
If you wish to file a complaint regarding the processing of your personal data through „INTERHOTEL GRAND-HOTEL SOFIA” AD, you can do so at the specified contact details of „INTERHOTEL GRAND-HOTEL SOFIA” AD.