Privacy Policy

1. General terms and conditions

As an administrator of the personal data, we, in, are ensuring confidentiality and protection of your personal data. This policy is oriented towards providing clear information regarding our processing of your personal data. We can change/update this Policy if necessary and we ask you to make sure that you have read carefully the current Privacy Policy. You may send any questions regarding this Policy to: 

2. Information about the administrator of the personal data

Administrator of the personal data: Roza Georgieva Toteva (company), Identity No: 138433207, address: Keramoti, E-mail:, supporting the web-site:, providing services in regards with your holiday.

3. How we collect personal data

We collect only that personal data necessary for providing the relevant services. The personal data includes: name, address, E-mail, phone No, necessary for contact purposes, as well as personal data necessary in regards with Tourism Act, Accountancy Act and any other enactment in connection with accommodation, invoicing and other tourist services. We collect information related to your visiting of our website and when that was done. We do not collect special categories of personal data (“sensitive data”)

We receive information from you when you use our site, for example, when you send a request in order to receive an offer/information, or, during the process of sending a request, ordering or booking.

4. Why we are collecting your personal data

We use your personal data in order of providing the services you have requested via our site, including processing your orders and fulfilling our obligations directly related to the services you have requested.
We process your personal data following all legal obligations originating from Tourism Act and Accountancy Act.
We do not collect personal data not needed for the above mentioned purposes, connected with providing services and observing our legal services.

5. How we process your personal data

We process your personal data with activities, including collecting, storing, using, deleting when:

  • - we provide services ordered by you, including processing your orders and following our obligations originated from our contractual relationship;
  • - we provide new information in direct connection with services ordered by you;
  • - we respond to your requests and provide information that you have asked for, including support in answering questions, arising from your requests;
  • - we use re-marketing via trusted sites, including Google AdWords and Facebook;
  • - we ask for your opinion and comments regarding services we provide;
  • - we ask for your opinion and comments regarding services we provide;
  • - we analyze statistics and other data aiming at improving our services;
  • - we inform you for changes in general terms and conditions, privacy policy or our services;
  • - we contact you when and if necessary in order to provide the services you ordered, to fulfill contractual relationship between us, to send you updated information in direct connection with the services you ordered, to respond to your request, to protect your interests in connection with using the site or our services;
  • - we will not contact you for marketing purposes via E-mail, phone, unless you explicitly gave your consent, or in case the communication is directly connected with you and is in line with the General Data Protection Regulation (Regulation (EU) 2016/679).

6. How long we keep your personal data

We keep your personal data only and if that is necessary for the exact purposes they are collected, or according the agreement between us following the requirements and terms of the Tourism Act, Accountancy Act, tax laws and any other current regulations of the Republic of Bulgaria (the Republic of Greece/Romania).

The data provided by you for marketing purposes will be kept for a period of 5 years or until you declare that you do not want to receive information from us anymore.

After we fulfill our purposes and process your personal data, we delete them.

7. Who has access to your personal data?

We do not send your personal data to third party for marketing purposes. We send your personal data to third party only on the appropriate legal basis (for example if we must transfer some data to state authorities), or if needed to fulfill a contract with providers, subcontractor). In all these cases when we have to send personal data to third party, that is done in line with the General Data Protection Regulation (Regulation (EU) 2016/679).

We work with various third parties (service providers) to ensure quality and reliable services. When you research or purchase one of these services, the relevant third party service provider will use your data to provide you with information and to fulfill their obligations under this agreement. In some cases they will act as data controllers of your information, so we recommend you to read their Privacy Policy.

We will send your date to legal authorities only in cases provided by law and in a volume that does not exceed the purposes for which they are requested.

8. Where we process your personal data

All personal data are processed in Bulgaria.

9. What are your rights regarding your personal data processing?

You may request from us all the time:

  • - access to your personal data, collected in the process of sending and using the services, including: confirmation if we process your personal data, what categories are these personal data, what are the purposes of the data, the receivers of your personal data, as well as a message copying your personal data that are processing and their source.
  • - updating your personal data (for example changing your E-mail or any other information;
  • - deleting your personal data (this is your right “to be forgotten”), when the processing is not in line with the General Data Protection Regulation (Regulation (EU) 2016/679) and/or Personal Data Protection Law.
  • - right to limit processing of personal data in cases of legal dispute between the administrator and the individual until the resolution and/or establishing or granting of legal claims.
  • - notification of this update, deletion or limitation of processing to third parties to whom your personal data has been revealed, except that is impossible or needs excessive efforts;
  • - right of transferring the data when personal data is processed automatically based on agreement or contract. For this purpose the data is send in a popular and usable format.

When you desire any access, update, deletion, blocking or limitation of processing your personal data, that will be done only regarding your personal data and free of charge.

You may request the above mentioned activities by sending an E-mail to the personal data administrator. In this request you have to include the following information: name, address and other data for identification of the respective natural person, description of the request, preferred form for providing the information. You have to sign your request and add a date and contact address. The request may be signed electronically.

This request must be sent to e-mail:

We will fulfill your request for access, updating, deleting or restricting the processing of personal data within one month, subject to legal requirements and exceptions in this regard. You will be notified of the decision to perform the requested action or the refusal in accordance with the requirements of the law.

10. How can you lodge a complaint against the processing of your personal data

If you would like to lodge a complaint of the way your personal data is being processed, you may contact us via

If you are not satisfied with our respond or if you do not think that we are processing your data in a lawful manner, you may contact the Court or Commission for Personal Data Protection: Sofia 1592, 2, blvd. Prof. Tsvetan Lazarov,

11. General description of security measures to protect your personal data from loss, misuse or alteration.

When you give us your personal data, we take action to ensure that it is processed in a secure manner. The website uses a secure communication protocol SSL certificate. HTTPS authenticates the site and the corresponding web server it is uploaded. It also encrypts the client-server connection in both directions, providing protection against eavesdropping, forging or falsifying the content of messages. That guarantees that the user or linking to the correct site (not a fake copy), as well as ensuring that the content of messages between the user and the site cannot be read or tampered with by third parties. Additional information about HTTPS (

12. Automatic decision making and/or profiling.

We will not use automatic decision making or profiling

13. Use of cookies

We also use “cookies” as most other sites. “Cookies” are small, separate packets of information sent by an organization to your computer in order to recognize your visits. They accumulate statistics about your browser activity. In this way we can track patterns of user traffic as well as analyze the use of services such as the time spent on the website and the pages most frequently visited. Cookies do not identify you as an individual and summarized statistics do not include personal information. Cookies help us improving the website and provide better personalized services.

By agreeing to use this site and its services, you also agree to use cookies, including Google Analytics cookies.

If you do not want to receive cookies while browsing the website or through HTML formatted E-mails, you may refuse them. You can set your Internet browser to warn you before accepting a cookies or to refuse cookies when it alerts you for their presence.

14. Links to other sites

Our websites may contain links to other websites operated by other organizations. This privacy policy applies only to our sites, so we encourage you to read the privacy statements of other websites you visit. We are not responsible for the security policies of other websites, even if you use links from our site to access them.

In addition, if you access our website through a third party site, we are not responsible for the privacy policy and practices of the owners and administrators of that third party site, and we encourage you to review their Privacy Policy.

15. Transfer of personal information outside Europe

As part of services we provide to you, the information we receive from you, may be transferred to countries outside European Union (EU). These countries may not have similar data protection laws as Bulgaria and other EU countries. By providing your personal data, you consent to this transfer, storage, or processing. If we transfer your information outside EU in this way, we will take appropriate security measures to ensure the protection of your personal information in accordance with this Privacy Policy.

16. Revision of this Policy.

We regularly review this Policy to ensure quality and lawful protection of your personal data. This Policy was last updated in January 2023 and is in the line with the General Data Protection Regulation (Regulation (EU) 2016/679).