Book now House Rules
Contacts
Address
Contact us

Privacy Policy

“Everest” Ltd., UIC 101728109, headquartered at village Banya ZIP 2778, Razlog Municipality, Blagoevgrad Region, 2B “2” Street (hereinafter referred to as “the Company”), owns the guest house Chalet Everest and is a data controller within the meaning of the Personal Data Protection Act and the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”).
We respect our clients’ privacy and ensure the maximum protection of their personal data processed during their stay at the tourist site.

This Privacy Policy explains what personal data we collect, how and why we use it, under what conditions we disclose it to third parties, and for what purposes. It may be updated to reflect changes in Bulgarian or European legislation or the Company’s activities.

The Company’s main activity is providing accommodation at Chalet Everest.
This policy applies to personal data if you are an individual or a representative of a legal entity that is a client of Chalet Everest.

Personal Data Collected

From employees:

  • Identification and contact details: full name, personal identification (PID) number, ID card number and date of issue, permanent and current address, phone number.
  • Education, qualifications, work experience: education level, specialty, certifications, educational institutions, previous positions and employers.
  • Health information: medical certificate upon hiring, sick leave documents, records of illnesses under Ordinance №5/1987 (for special labor protections), TELK decisions (for tax reliefs).
  • Criminal records: when required for specific positions.
  • Other relevant information: number and age of underage children (for tax benefits), health condition, etc.
  • Payroll-related data: attendance, leave, salary, additional payments, wage garnishments, and bank account number for salary payment.

From clients:

  • Identification: full name, personal identification (PID) number (or date of birth for foreigners), permanent address, phone number, email (if provided).
  • Payment details: bank and bank account number.
  • Other data needed to fulfill legal obligations or assert rights.

Purpose of Data Processing
Personal data is processed to:

  1. Identify clients.
  2.  Handle reservations.
  3. Provide accommodation and manage communications/contracts.
  4. Communicate with representatives of counterparties.
  5. Sign employment and service contracts.
  6. Fulfill accounting needs, including salary payments.
  7. Compile statistics.
  8. Issue invoices and accounting documents.
  9. Fulfill tax and social security obligations.
  10.  Collect guest reviews.
Data Storage Periods
  • Employee records: 50 years after contract signing (per labor law).
  • Accounting documents: 10 years from creation.
  • Client data (excluding accounting): 5 years after last stay unless erasure (“right to be forgotten”) is requested earlier.
  • Counterparty representatives’ data: until contract expiration and fulfillment, unless erasure is requested earlier.

Disclosure to Third Parties
Personal data is shared only:

  • When required by law or with the data subject’s consent.
  • With the National Revenue Agency (NRA) and other legally authorized bodies.
  • With an external accounting firm (under a contract).
  • With lawyers in case of disputes.
  • With competent authorities (courts, regulators, law enforcement) as required by law.
  • With service providers, subcontractors, and related organizations to deliver services to you.

Security Measures
We apply appropriate technical and organizational measures to prevent unauthorized access, loss, destruction, or damage to personal data.

Your Rights
 You have the right to:

  1. Be informed about this policy.
  2. Confirm if and how your data is processed, and access it (paper or electronic copy).
  3. Request corrections or updating of inaccurate or incomplete data.
  4. Request erasure if the legal basis for processing no longer exists.
  5. Request restriction of processing or object to processing where legally allowed; withdraw consent for market research at any time.
  6. Request data portability to another controller.

Cookies
Our website uses cookies to collect non-personal statistical data about browsing behavior. Cookies help improve the website and provide a more personalized experience. By using our website, you consent to the use of cookies, including Google Analytics cookies.
You can manage cookies through your browser settings (‘Options’ or ‘Preferences’).

Links to Other Websites
Our website may link to third-party websites. This policy only applies to our website. We are not responsible for the privacy practices of other sites. Please review their privacy policies.

Contact
To exercise your rights, email us at: office@everest-bansko.com.
If you believe your rights under GDPR are violated, you may lodge a complaint with the Personal Data Protection Commission (CPDP):

  • Address: Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd.
  • Tel: +359 2 915 3518/15/19
  • Fax: +359 2 915 3525
  • Email: kzld@cpdp.bg
  • Website: www.cpdp.bg

Last updated: 01.02.2025