GDPR & Cookies
PERSONAL DATA PROTECTION POLICY (GDPR)
GLOBAL DECLARATION OF CONFIDENTIALITY OF ROCCA RESORT.
Last updated: May 23, 2018.
This Statement of Privacy (the “Declaration”) applies to the Rocca Resort Resort and its subsidiaries. This Statement is intended to clarify our practices regarding the personal data we collect from you or for you on this site or through our applications through written or oral communication with us when you visit one of our sites or from other sources. While this Privacy detail the practices that we have adopted in Rocca Resort globally, local laws may vary and some jurisdictions may impose restrictions on our activities related to the processing (for example, certain jurisdictions may require confirmation of consent sending of marketing messages). For this reason, our actual practices in these jurisdictions may be more limited than those described in this document in order to be able to ensure compliance with local requirements. If you are a resident of the European Economic Area (EEA), please see Appendix 1 for further information on Rocca Resort’s use of your personal information.
By using any of our products or services and / or by accepting this Statement, such as in the course of registration for any of our products or services, you agree to the collection and use of personal data, as described in this Statement.
Please note that this Statement does not apply to the way we handle personal data on behalf of or under the instructions of third parties such as airlines, rental companies and other service providers, companies that organize or offer package travel services, marketing partners, or corporate clients.
Personal data collection
At any point of contact or interaction with guests, and in performing all aspects of our activity, it is possible to collect personal data. This personal data may include: Your name, postal address, payment address, email address, telephone number, information related to your reservation, stay or visit of property; participating in a membership program or loyal customers (including joint participation with other brands or other programs); participation in a contest, lottery or marketing program (even if you are not accommodated in our complex); information relating to the purchase and receipt of products or services; personal characteristics, nationality, income, passport / ID card / driving license number and date, place of issue and validity; travel history; billing information, such as your payment card number and other information about it, as well as authentication information and other billing details and payment account related to mobile payments; guest preferences; communication and marketing preferences; information about vehicles that you can bring to our sites; reviews and reviews of our portfolio of trademarks or objects (if identified or related to you); membership and membership numbers in regular airline programs or tourist partner programs; reserved hotel packages, airfare and car rental; groups you are connected with on stays in hotels; information provided for membership programs and when creating accounts; other kind of information you have chosen to provide or we may receive for you.
It is possible to request travel escorts, including names and numbers of regular air passengers, as well as the age of the driver of the car. We can also collect call-related information, including recording and tracking customer service calls for quality assurance and training as well as other communications such as app messaging and SMS.
In addition, we also collect other personal data in certain cases, such as:
- Surveys:: We may ask you for demographics and other personal data in user surveys.
- Collecting information on the site: We collect additional personal data when registering on our sites, including data that may be required under local laws. We may also use a hidden surveillance system and other security measures in our sites that can capture or capture photos of guests and visitors in public places as well as information related to your location during our stay at our sites access and other technologies). We may also use a hidden surveillance system and other audio or video recording technologies to provide protection for our employees, guests and visitors to our sites when this is permitted by law. In addition, we may collect personal information in connection with site services such as concierge services, fitness clubs, spa centers, events, nursing services, equipment hire.
- Accounts for events: If you are planning an event with us, we collect details of the event, the date of the event, the number of guests, details of the guest rooms, and about corporate events – information about your organization (name, annual budget and number of sponsored events per year). We also collect information about guests who are part of your group or event. If you visit us as part of a group, we may have personal information provided to you by the group and receive suggestions from us as a result of your stay in a group or visit to an event, subject to your preferences and to the extent permitted by law. If you visit us as a participant in an event, we may share your personal details with the event organizers as far as permitted by law. If you are an event organizer, we may also share information about your event with third-party service providers who can offer your event services to the extent permitted by law.
- Social media:: If you choose to participate in Rocca Resort sponsored social networking activities or offers, we may receive certain information from your social networking account in accordance with your social networking settings such as location, sign-up, activities, interests, photos, status update, and a list of friends. We may also give you the opportunity to take part in photo contests, such as photos taken during your stay with us, which you can share with your social networking contacts for voting, shared offers, or other promotions.
- Send to a friend: We can occasionally offer you a feature that lets you send an e-card or share a message with a friend in a different way. If you choose to use this feature, we will prompt you to provide the recipient’s name and email along with the text of each message you choose to submit. By using this feature, you declare that you are entitled to use and provide us with the recipient’s name and email address for that purpose.
In addition to the information we collect directly from you, we may also conclude information about you from the data you provide to us or from other information we receive.
PERSONAL DATA THAT WE RECEIVE FROM THIRD PARTIES
We may also collect information about you from third parties, including our airline partners, payment cards, and others, from your social networking services in accordance with your settings for these services and from other sources that are third parties and are entitled to law to share your data with us. We use and share this information (and we may add this information to the rest of the information we have for you) for the purposes described in this Statement.
USING THE PERSONAL DATA WE RECEIVE FOR YOU
We use your personal information in many ways, including in order to provide and personalize the services you claim and expect from Rocca Resort, providing the hospitality in the room and anywhere in our sites that you expect, conducting direct marketing and promotions and as described in more detail below. We will request your consent before processing your data when required by applicable law.
We are required to collect certain information, including your name, address, payment information and, in some countries, travel document information to process your booking. Failure to provide this information will result in our inability to process your booking.
- Service management: We use your personal information to manage the programs you participate in, including the provision of access to your account information, such as the status of prizes and offers under whose terms you are responsible; to implement services that are part of these programs;
- Meetings & Events Planning:We may use your personal information to provide you with information about meetings and events planning.
- Marketing & Communications:Within the permitted limits, we may use your personal information to provide or offer you newsletters, promotions and topical special offers, as well as other marketing messages, depending on the preferences you have chosen to receive. We use your personal information to provide in-time notifications, account notifications, and booking confirmations, to send you marketing messages, and to conduct surveys, lottery betting, lotteries and other competitions. We can provide these communications via email, mail, social networks, phone, text message (including SMS and MMS), targeted notifications, application messages, and other means (including site messages, such as in-room TV). By your consent, we also use user-generated content (for example, photos) from social networking services to provide visual ads or on our websites and in our applications. We may also collect information about your payment card that may be added to your personal data and used by Rocca Resort or its commercial partners for identifying your card type and / or bank or card network to help you present and / or send targeted marketing messages based on your payment method and depending on your preference for receiving messages. We may also partner with third parties to find out if a visitor to our site has a proposal for immediate payment payment related to his / her payment card and to provide the visitor with ads and information explaining how to make use of it proposal during a stay in the Hotel complex.
- Service Improvements: We may use your personal data to make improvements to Rocca Resort’s services and to ensure that our sites, products and services are of interest to you. We also use your personal information to provide you with the expected level of hospitality in the room and on the premises of our sites. This may include enabling technology to be managed in your room through our website or apps from your personal devices. We may use your email address to send you the hotel account by email. It is your responsibility to ensure that you have provided us with the correct (and preferred) email address to contact you. If you make a reservation to another person’s name via your email address, reservation information, invoice or other information will be sent to your email address.
- Accuracy, analysis and customization of data: We may also aggregate your personal information with third party sources to keep the information up to date and for analysis. We can also rely on information from third parties to provide better and more personalized service. For example, if you connect your social network services or other accounts with our services, we may use this information to provide you with a more personal and social experience with us or to share and use it as described elsewhere in this Statement.
PERSONAL DATA TO SHARE
In order to offer you the expected level of hospitality and best service, we may share your personal data with our service providers and other third parties as detailed below:
- Group events and meetings: If you visit Rocca Resort as part of a group event or meeting, the meeting plan and event planning information will be shared with the organizers of these meetings and events and, where appropriate, with the guests who organize or participate in the meeting or event.
- Trading partners: We may partner with other businesses to provide you with products, services, or suggestions based on your experience at our sites, and we may therefore share your data with our trading partners. For example, we can help arrange a rental car or other services from our trading partners, as well as share personal information with our trading partners to provide these services. We may also share your personal information, such as your email address, with our corporate tourism partners to assist them in assessing compliance with travel rules or participating in special pricing plans, or to engage in marketing activities with a joint participation of other brands together with our corporate partners in the field of tourism. It is possible that our partners can provide you with more relevant suggestions based on the information we share about your experience at our sites. In addition, we may allow our partners third parties to recognize you when visiting their websites or apps, or to recognize you as their client when you visit Rocca Resort websites or applications so that they can provide you with more relevant suggestions. We may share an anonymized version of your email address with third parties using the available security measures so that they can unify it with their own anonymized email addresses to send you ads online and by email on our behalf.
- Joint sponsorship of promotions: We can sponsor promotions, lottery betting, lotteries, competitions or competitions with other companies, and we provide lottery prizes and competitions sponsored by other companies. If you participate in any of these lottery betting or contests, we may share your data with a joint sponsor or sponsor third party.
- Services in the Complex:We may share personal data with third-party vendors providing services at the premises such as concierge, spa procedures, restaurant or other services.
- Service Providers: We rely on third parties to provide services and products on our behalf and we may share your personal data with them as appropriate. In principle, our service providers are contractually obliged to protect your personal data and are not allowed to use or share your personal data in any other way except as may be required by law. However, our fraud disclosure service providers may use your personal data without sharing them for the purpose of detecting fraud. We may use service providers to tell you news or provide promotional materials and transaction materials on our behalf, including personalized online and mobile ads, depending on your preferences and applicable laws. For more information, please see our Cookies policy. Rocca Resort will only work with people who offer a way to unsubscribe from such advertising. We may also share information with service providers that enable you to create routes by choosing objects, activities, and restaurants from lists that we customized for you based on your preferences and third party data.
- Business Transactions: In the process of developing our business, we can sell, buy, restructure and reorganize activities and assets, or discontinue our business as a manager or franchisor of a hotel that is currently part of our portfolio. In such cases, Rocca Resort may transfer, sell or transmit the collected information without limitation, other information (described below) and personal data to one or more related or unrelated third parties in connection with these business transactions. To the extent required by local laws, we will notify you of your intention to transfer personal data to a third party for that purpose and an explanation of how you can object to such a transfer.
- Telemarketing:If you stay at our hotel, we may share your phone number within the Rocca Resort’s trademark portfolio for telemarketing purposes, depending on your preferences and applicable laws. Also from our partners or from other sources, we may receive your phone number that we can use for telemarketing purposes.
- Others: In addition, Rocca Resort may disclose personal information to: (a) comply with applicable laws, (b) respond to government inquiries or requests from public authorities, (c) comply with the applicable legal procedures, (d) protect the rights, privacy, safety or property of Rocca Resort, site visitors, guests, employees or the public, (e) allow us to seek damages or limitations of damages that may be caused to us, the rules and conditions of our websites and (g) react in emergency situations.
When you visit and use the Rocca Resort website and applications, we collect other data that does not disclose your identity directly to your use of the site, such as a catalog of the sites you visit and the number of visits to our sites (” information “). We use Other Information and data received from third parties to provide you with email, online (on our sites or other sites) and mobile ads. We may also use Other Information to enable third party partners to recognize you as a Rocca Resort guest when visiting a website or application or to recognize you as their client when visiting Rocca Resort web sites or applications for to be able to provide you with more appropriate suggestions.
Зand the citizens of the European Economic Area (EEA) and the UK: If you are in Europe, you can also change your cookie preferences by making changes to cookie settings from the cookie acceptance console, which can be found here: Cookie Preferences.
At this time, we do not respond to “do not track” alerts or similar mechanisms. For more information, please see our Cookies policy.
We may use our collected and aggregated information or anonymized personal data received from third parties to learn more about our users (for example, we may use aggregate information to determine the percentage of our users with a particular phone code). This includes demographics, such as date of birth, gender and marital status, implied commercial interests, such as favorite products or activities, and other information we may collect from you or third parties.
Because Other Information does not disclose your identity, we may disclose this information for any purpose where permitted by law. In some cases, we may combine Other Information with personal data. If we combine Other Information with personal data, the combined information will be treated as personal data in accordance with this Statement.
he term “sensitive information” refers to information relating to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health status, sexual life or sexual orientation, genetic information, court history and any biometrics used for identification purposes. In some jurisdictions, mobile phone numbers, location data, and information contained in identity documents are also considered sensitive information.
In principle, we do not collect sensitive information unless it is voluntarily provided by you or if we do not have to do so in accordance with applicable laws or regulations. We may use health information provided by you to better serve and meet your specific needs (eg accessibility for people with disabilities).
PERSONAL DATA FROM CHILDREN
We do not consciously collect personal data from people under 18 years of age. As a parent or legal guardian, do not let your children send personal information without your permission.
MOBILE SERVICES AND LOCAL-BASED SERVICES
We can provide mobile apps that you can download to your smartphone or mobile device. These applications have multiple features that enhance customer experience. In addition to providing services, our applications may collect personal data and other information that will be used in accordance with this Statement. For example, when making or modifying a reservation, including a reward obtained as a reward, you will be required to provide certain personal data, such as your Rocca Resort credentials, or other information as needed.
If you allow our mobile apps to access location information for your mobile device, our mobile apps can use Global Positioning System (GPS) technology and other technologies (such as wireless transmitters known as beacons) to provide you with information and suggestions based on the location of your device. Beacons allow us to collect information about your location in participating hotels by communicating with mobile devices in range. We can use this location information to improve your site experience by sending targeted notifications and other content to your mobile device, providing navigation assistance as you navigate through our sites, and sending information and suggestions to you about products, services, or activities that we believe may be of interest to you. We may share this information with third parties, including business partners and service providers, to provide information, suggestions and services that may be of interest to you. You can stop or restrict the collection of location information by changing the settings in the Rocca Resort application or the settings of your device.
We offer all these mobile and location-based services only to the extent permitted by applicable local laws.
LINKS TO THIRD PARTY WEB SITES AND SERVICES
Our site and our mobile apps may contain links to third-party websites. Please note that we are not responsible for the collection, use, maintenance, sharing or disclosure of data and information from such third parties. If you provide information to and use third-party sites, the privacy policies and terms of service of these sites apply. We encourage you to read the privacy policies of the websites you visit before sending personal data.
PROTECTION OF PERSONAL DATA
Rocca Resort will take reasonable steps to: (a) protect personal information against unauthorized access, disclosure, alteration, or destruction, and (b) keep personal information accurate and up to date as appropriate. Rocca Resort uses a dynamic internal team of information security specialists responsible for creating, updating and managing the Rocca Resort security program. The Rocca Resort Global Information Security team is responsible for, amongst other duties, the monitoring of our potential penetration systems, the potential incident response, the maintenance of information security at the property level, the regular review and update of the security controls that Rocca Resort uses data protection and training in the Rocca Resort’s Information Security Program. In the event of a security incident, Rocca Resort will notify regulators and / or users as required by applicable laws or regulations.
We also require our service providers with whom we share personal data to make reasonable efforts to ensure the confidentiality of your personal data. For online transactions, we use technology tools within the reasonable protection of personal data you send us through our site. However, unfortunately, there is no security system or data transfer system on the Internet that is guaranteed completely secure.
In order to protect your privacy, please do not send us your payment card numbers or other confidential personal data by email.
We may be contacted by mobile / text message or by telephone to ask you to provide us with your confidential or payment card information if necessary. We may only request payment card details by phone when making a booking or booking a promotional package. We will not contact you to request your Rocca Resort account login information. If you receive this type of request, you do not have to respond to it. We would also like to ask you to tell us about this email@example.com .
CHANGE AND ACCESS TO YOUR PERSONAL DATA
Under the applicable laws, you may wish to inform us of your personal data stored and, where appropriate, withdraw your consent to process data and / or request updating, correcting and / or deleting your personal information data we support in our active database. We will make any necessary updates and changes to the deadlines set by the applicable law as required by law. Where permitted by law, we may charge a fee to cover costs in response to the request. These requests can be submitted personally or by e-mail. To protect the privacy of your personal information, we can only respond to these requests at the email address you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide the same quality and variety of services you are used to.
In addition, under certain applicable law, you may request that we no longer share your personal data with our business partners or Rocca Resort will cease to use your personal information by contacting us at the email or mailing address mentioned above . We will endeavor to respond to these requests in accordance with applicable laws.
STORAGE OF PERSONAL DATA
We store your personal data for the period necessary to achieve the purposes described in this Statement unless a longer storage period is required or permitted by applicable laws. We retain the personal information collected to make reservations for guests for five years after the end of the stay. We retain other personal information for shorter terms if possible and if permitted by law.
We will destroy your personal data as soon as possible and in such a way that it can not be reproduced or recovered.
If there are printed on paper, personal data will be destroyed in a secure manner, for example by machine cutting small parts or incinerating paper documents or otherwise, and if they are in electronic form, personal data will be destroyed by technical means that they can not be reproduced or restored.
SELECTION – MARKETING COMMUNICATIONS
f you provide us with contact information (mailing address, fax number, e-mail address or phone number), we may wish to notify you, depending on the preferences you have chosen for our products and services, or to invite you to participate in events and via email, online advertising, social networking, phone, text message (including SMS and MMS), targeted notifications, application notifications, mailing list, our customer service call center and other means (including site messages, in you harbor).
If you prefer not to send marketing materials by email, you can unsubscribe at any time. Running subscription queries may take up to ten business days.
CHANGE IN THE DECLARATION
We can occasionally change this Statement. You will know when this Statement was updated by checking the date at the beginning of the Declaration. All changes to our Declaration will take effect upon the publication of the modified Site Statement. By using the site and / or any of our products and services and / or accepting the updated Statement after such changes, you agree to the current, modified Statement.
If you have any questions about this Statement or about the way Rocca Resort processes your personal data or if you wish to provide us with a compliment or complaint, you can contact us by email:
We will respond within 30 days or sooner, if applicable.
B clychay na na napyshavane ppavata b and caglacno ppilozhimoto zaĸonodatelctvo charter zashtita na lichnite danni, imate ppavo ea podadete zhalba Until Komiciyata charter zashtita na lichnite danni, ĸaĸto cledva:
Commision for the Protection of Personal Data:
Address Sofia 1592, bul. “Pope. Tsvetan Lapapov “№ 2
Tellefon +3592 915 3 518
Internet page www.cpdp.bg
ADDITIONAL PROVISIONS APPLICABLE TO THE PROCESSING OF
PERSONAL INFORMATION FOR EEA RESIDENTS
For individuals resident in the EEA, this appendix describes additional information Rocca Resort undertakes to provide you with, as well as some rights you have with the processing of your personal information, in accordance with applicable local laws. This Appendix will control as long as it does not contradict any provision in the main text of this Statement.
Administrator: for more information about Rocca Resort sites that process your personal information.
Data Protection Officer: You can contact the Rocca Resort Data Protection Officer at an email address firstname.lastname@example.org
Objectives and legal basis for processing: Rocca Resort processes your personal information for the purposes set out in sections 4 (Use of personal data collected for you) and 5 (Personal Information we share) of the main content of this statement.
The legal basis for the processing activities of Rocca Resort include the processing of such information as is necessary to meet our contractual obligations in compliance with our legal obligations, protecting the safety of our employees, guests and others for our legitimate business interests according to your consent.
The specific legal basis for processing your personal information is based on the purpose for which this information is provided or collected:
- Surveys:Filling in surveys is voluntary – we process the information you receive from your research based on your consent and in support of our business interests, including marketing, service improvements, and analyzes.
- Collecting information on the site:
- When you make a reservation and when staying in one of our hotel properties, we process your name, address, contact information, and details of your stay (day and time of arrival and departure, vehicle information and travel or stay information) based on our contractual relationship with you. We also process such data for our business interests, including marketing, service improvement, administration of our program, and analysis and personalization of the services as described in Section 4 of our Global Privacy Statement (above).
- We collect additional personal information during registration / accommodation in our property (such as a national identification number or passport information) if this is necessary to comply with our legal obligations.
- We may also use an internal video surveillance system and other security measures in our sites that can capture or record photos of guests and visitors in public places as well as information related to your location during our stay at our sites ( access cards and other technologies).
- We process personal information in connection with property-related services (such as concierge services, health clubs, mineral springs, activities, childcare, rental of equipment and the functionality of the digital key) to provide you with services for our business including marketing, service enhancements, and service analysis and personalization as described in Section 4 of our Global Privacy Statement (above).
- Social Media: Participating in social media activities and offers sponsored by Rocca Resort is voluntary – we process the information you receive from social media based on your consent and in support of related business interests, including for marketing, service enhancements, and analysis and personalization of the services described in Section 4 of our Global Privacy Statement (above).
- Promotions and lotteries: Participation in lotteries, competitions and other promotional offers is voluntary – we process the information obtained from such participation on your consent basis and as necessary to administer the offer. We also use certain data for our business purposes, including marketing, service enhancements, and service analysis and personalization as described in Section 4 of our Global Privacy Statement (above).
Direct Marketing:We use your personal information to send you marketing messages based on your consent. You can withdraw your consent to direct marketing communications at any time by contacting us at email@example.com or by following the opt-out instructions in the marketing message, or by logging in to your Rocca Resort Honors account and updating your communication preferences.
- Franchise and Property Opportunities: We process this information based on our contractual relationship with you and the related business interests, including maintaining and promoting the Rocca Resort brand and facilitating direct Rocca Resort property communication.
- Providers:Participation in the Rocca Resort Supplier Diversification Program is voluntary – we process this information based on your consent and the related business interests, including maintaining and improving our diversity program.
Detention: We retain personal information about you for the time it takes to achieve the purpose for which such information is collected, usually for the duration of the contractual relationship and for each subsequent period as legally required or permitted by applicable law. Our detention policies reflect the applicable limitation deadlines and legal requirements.
Rights of the data subject: EEA residents have the following rights:
Requests for access, correction and deletion:You have the right:
- ask us to confirm whether we process your personal information
- to get information about processing your data
- receive a copy of your personal information
- ask us to update or correct your personal information
- ask us to delete personal information under certain circumstances
Right to disagreement about processing: You have the right to ask Rocca Resort to discontinue the processing of your personal information:
- for marketing activities, including profiling
- for statistical purposes
- where such processing is based on our legitimate business interests unless we are able to prove an irreconcilable legitimate basis for such processing, or we need to process your personal information to establish, exercise or defend a legal claim
Right to limit the processing: You have the right to ask Rocca Resort to restrict the processing of your personal information:
- while Rocca Resort estimates or is currently responding to a request from you to update or adjust your personal information</ li>
- when such processing is illegal and you do not want Rocca Resort to delete your data </ li>
- when Rocca Resort no longer requires such data, but you want us to retain the data to establish, exercise, or defend a legal claim </ li>
- when you file a protest against processing based on our legitimate business interests until we respond to such a request </ li>
When we restrict the processing of your personal data in accordance with your request, we will notify you before doing any such processing again. Requests for portability : You may request that you or some third party of your personal data be provided in a commonly used, machine-readable format. However, please note that data portability rights apply only to personal information we have received directly from you and only when our processing is based on consent or performance of a contractор.
Submit requests: Your requests can be sent by accessing firstname.lastname@example.org or in writing. You may also update your personal information as outlined in Section 12 (Changing and accessing your personal information) in the main content of this Global Privacy Statement.
We will respond to all such requests within 30 days of receipt of the request, unless there are mitigating circumstances in which we can take action within 60 days to respond. We will inform you if we expect our answer to take more than 30 days. However, keep in mind that certain personal information may be exempt from such rights under the applicable data protection laws. In addition, we will not respond to any requests unless we are in a position to properly verify the identity of the applicant. We may request a reasonable fee for subsequent copies of the data you request.
If you have concerns about our data practices or the exercise of your rights, you may either contact Rocca Resort at email@example.com or with the State Supervisory Authority.
Right of refusal of consent: You have the right to withdraw your consent for any processing we make solely on the basis of your consent (such as sending direct marketing materials to your personal email account). You can withdraw your consent to marketing activities by following the instructions for marketing emails or by contacting us firstname.lastname@example.org. For any other activities you have previously agreed to, you can contact us at email@example.com to withdraw this consent.
Segmentation (also called profiling) and automated decision making : We use personal information to divide a large group of users into subgroups of users (known as “segments”) based on some kind of common features such as geographic location, or demographic data.
With your consent, we make automated decisions, that is, without human intervention, by using segmentation and / or specific personal information to offer you certain benefits based on your characteristics (such as reduced room rates or other special offers based on your geographical location, behavior, or demographics.
International data transfer: We may transfer the personal information we collect to you in accordance with the purposes stated in this Statement in other countries.
Segmentation (also called profiling) and automated decision making : We use personal information to divide a large group of users into subsets of users (known as “segments”) based on some kind of common features, location, behavior, or demographics.
With your consent, we make automated decisions, that is, without human intervention, by using segmentation and / or specific personal information to offer you certain benefits based on your characteristics (such as reduced room rates or other special offers based on your geographical location, behavior, or demographics.