Dear guests of Hostel Mostel,
According to Art. 116 of the Bulgarian Tourism Act, we are personal data administrators with regard to the personal data you provide us with. Your comfort and trust are our highest priority in this context. As a policy, we always treat your personal information as confidential and comply with the General Data Protection Regulation (GDPR), as well as with the Bulgarian Personal Data Protection Act.
You can obtain information about our personal data processing policy from our website. This policy defines the way in which we process personal data online and physically, and which customer information is collected and analyzed. The policy strictly outlines how the collected information, involving personal data is used, shared, processed, deleted, limited or pseudonymized. It also indicates cookies and other technologies, which may be used in our applications.
Through the use of this website you give your permission with regard to the collection and use of your personal data, as described expressly in the Personal Data Confidentiality Declaration. Your agreement happens through a click in a specified checkbox, after which you will receive an automatic e-mail marking the beginning of administration of your personal data by Hostel Mostel.
Please be kindly informed, that Hostel Mostel regularly updates the Personal Data Confidentiality Declaration, in line with changes in legislation. In case of a change we will publish the updated version of this Personal Data Confidentiality Declaration on our website.
The policy described herein (“Policy”) is implemented in Hostel Mostel.
At Hostel Mostel we know that confidentiality is very important. We have developed the current policy, in order to clarify our practices regarding personal data, collected from you or for you on this website or through our applications, through written and verbal communication with us when you visit our premises, and from other sources.
By using any of our products and services and/or through agreeing with this Policy, for example, during registration, for any of our products or services, you agree to the collection and use of personal data as described in this document.
In any instance of contact or interaction with the guests and in carrying out all aspects of our work, it is possible that we collect personal data. This data may include: your contact information; information, related to your reservation, stay or visit; information, related to the purchase and receipt of products or services; personal characteristics, nationality, passport number, date and place of passport issue, travel history, payment information, for example, bank card number and other bank card information, as well as authentication information and other similar data for invoicing and payment account, related to mobile payments; preferences as guests; preferences for communication; other types of information, which you chose to provide us with or which we can receive about you.
*Studies: We may ask you about demographic and other personal data within the framework of customer studies.
*Data collected on our premises: We collect additional data when you register at our premises, including data requested under the Tourism Act. We may also use a hidden surveillance system and other security measures on our premises, which may capture or record photos of guests and visitors in public areas, as well as location information about you during your stay on our premises (through access cards and other technologies). We may also use a video surveillance system and records of sound or video, in order to provide protection for our employees, guests and visitors, on our premises, when this is permitted by law. At the Reception we record video and sound. This capture (observation) is carried out only with the aim to provide protection and security for our guests, and is only carried out in the public spaces of the hostel (not in your room). Be informed, that the capture does not relate to the processing and collection of personal data, and is not carried out with this aim, and therefore the records are deleted within the term set in legislation.
Apart from the information, which we collect directly for you, we may also infer information about you based on the data you provide us with, or from other information, which we receive. In such instances, we wil express you inform you by e-mail regarding the additionally collected personal data, their source, and the fact, that they will only be used for the purposes of provision of our tourist services.
We use your personal data in many ways, including the provision and personalization of services.
*Accuracy, analysis and personalization of data: We may also summarize your personal data with information from third parties, in order to maintain the information updated for analysis. We may also depend on information from third parties when we provide better and more personalized services. If, for example, you link your social media services or other accounts with our services, we can use this information to provide you with a more personalized social experience with us, or to share the information as described elsewhere in this declaration.
In order to provide you with the expected level of hospitality and the best service, we may share your personal data with our service providers and third parties, as described below:
Business partners: We may collaborate with other companies, in order to provide you with products, services, or offers, based on your experience on our premises. In relation to this, we may share your data with our business partners. For example, we can help you in finding a rental car or other services from our business partners, and share personal data with these business partners, in order to provide these services. We may also share your personal data, like, for example, your e-mail address, with our corporate partners in the tourism sector, or to participate in marketing activities with co-participation of other brands together with our corporate partners in the tourism sector. In the case of such co-administration, in order to protect your personal data, we request from third parties to provide the same level of protection, as provided by Hostel Mostel.
*Others: In addition, Hostel Mostel may disclose personal data, in order to
We may use the information, collected and summarized by us, or anonymized personal data, received by third parties, in order to learn more about our customers (for example, we can use summary information, in order to define the percentage of users we have with a certain telephone code). This includes demographic data, such as date of birth, sex, family status, inferable trade interests, such as favorite products and activities, and other information, which we may collect from you or third parties.
Inasmuch as the Additional information does not disclose your identity, we can disclose this information for all purposes, as long as it’s permitted by law. In some cases we may combine Additional information with personal data. If we combine Additional information with Personal data, the combined information will be treated as personal data in accordance with this Declaration.
The term “sensitive information” relates to information regarding race, ethnicity, political views, religious or philosophical beliefs, participation in trade unions, health condition, sexual life or sexual orientation, genetic information, judicial past and all biometric data, used to identify you. We do not collect confidential information, except if you provide it to us voluntarily. We may use health information, provided by you, for the provision of better services and meeting your specific needs (for example in order to provide access to people with disabilities). With regard to this type of information (in case it’s collected and processed), special class two technological processes for personal data storage and encryption are applied.
Our website may contain links to third party websites. Take into account, that we are not responsible for the collection, use, maintenance, sharing or disclosure of data and information by these third parties. If you provide information to and use third party websites, the confidentiality regulations and conditions regarding the service provided by these websites are applied. We recommend that you read the confidentiality regulations regarding websites you visit before you send personal data.
Hostel Mostel will take reasonable measures to: (a) protect personal data against unauthorized access, disclosure, change or destruction (b) maintain accurate and updated personal information, as appropriate. We also require from service providers, with whom we share personal data, to take measures analogical to ours, for the provision of confidentiality for your personal data. For online transactions we use special technological means for personal data protection with regard to the data you send us through our website. However, regrettably, there is no security system or data transfer system online, which is guaranteed to be completely secured, and in case of breach, we are under the responsibility to address the case to the Personal Data Protection Commission within 72 hours.
We will contact you through mobile/text notification or e-mail, in order to ask you to provide us with your confidential data or bank card data.
Within the framework of applicable legislation, you can ask about information regarding the personal data we store about you and, when appropriate, to request its update, correction or deletion (“right to be forgotten”) of your personal data, which we maintain in our active database. We will perform all necessary updates and changes within the time-frame, set out in applicable law, and where it’s permitted by law we may request a certain tax to cover the costs related to the request. Such requests must be sent in written form . In order to protect the confidentiality of your personal data, we can only reply to such requests through the e-mail address you used when you registered or provided to us by other means.
We store your personal data for the period, necessary for the achievement of the goals, described in this Policy document and/or one year after we have provided you with a tourist service, except in cases where a longer storage period is necessary or allowed by applicable law.
Upon your request, or when we no longer need your data for the provision of the tourist service, which was provided to you, we will delete your personal data in the shortest possible period and in a way, in which it can’t be reproduced or recovered immediately.
If your data exists on paper, they will be destroyed securely, for example through machine shredding or burning or in another similar way, and if they are in electronic format, the personal data will be destroyed through technical means, so that they can’t be reproduced or recovered.
We may sporadically change this Policy. You will know when the current document has been amended, if you check the link and date at the beginning. All amendments to our Policy will take effect upon publication of the amended Policy on the website. By using the website and/or any of our products and services, you accept the amended Policy which is effective at the time.
If you have any questions regarding this Policy or the way in which Hostel Mostel processes your personal data, you can contact us via e-mail at