Privacy Policy

Therme Fun&Sport Park – part of the Grand Hotel Therme complex and the Grand Hotels Resorts by Pulse chain

1. General provisions

This Privacy Policy (“Policy”) describes how GRAND HOTELS MANAGEMENT AND MARKETING LTD, UIC 206072108 (“Company”), collects, uses and stores the personal data of visitors and users of Therme Fun & Sport Park, including through the website https://thermefunpark.bg.

2. Personal data controller

• Picture name: GRAND HOTELS MANAGEMENT AND MARKETING LTD.
• UIC/PIC: 206072108
• Address. Banya, commonly. Razlog, Bulgaria
• Email: info@thermefunpark.bg
• Phone: 0800 20 201

3. What personal data we collect

• Identification data: first name, last name, telephone, email, age (for children).
• Booking details: number of guests, date of visit, type of service.
• Payment details: card used, bank accounts (if needed), billing.
• Communication: data provided for telephone, email or social media enquiries.
• Photography and video: at public events and in connection with CCTV security.
• Online identifiers: IP address, cookies, device and browser used.
• Health data: measurement of inlet temperature (for anti-epidemic measures).

4. Processing objectives

• Implementation of contractual relations (reservations, tickets, subscriptions).
• Ensuring safety and security (incl. CCTV).
• Communication and customer service.
• Conducting events, campaigns and activities.
• Sending marketing messages (only with consent).
• Accounting and tax liabilities.

5. Legal basis

• Contract: for reservations, ticket purchases and services.
• Law: for accounting and tax purposes.
• Consent: for marketing, photo/video capture, health measures.
• Legitimate interest: for safety, service improvement and protection from abuse.

6. Recipients of personal data

• IT and software support providers.
• Payment institutions and banks.
• Courier companies (when supplying services/products).
• State authorities upon legal requirement.
• Partners in joint events (with the knowledge and consent of the client).

7. Storage period

• Contract and booking data – up to 5 years after the end of the contract.
• Accounting documents – as required by law.
• Marketing data – until consent is withdrawn or up to 2 years from last contact.
• Video recordings – up to 30 days unless necessary for investigation.
• Health data (temperature control) – only processed momentarily, no long-term storage.

8. Your rights

As a data subject, you have the right to:

• access your data;
• request their correction;
• request deletion (the “right to be forgotten”);
• restrict processing;
• get a copy of your data (portability);
• object to processing, including direct marketing;
• lodge a complaint with the Data Protection Commission (www.cpdp.bg).

9. Cookies and online services

Our website uses cookies to:

• improving functionality;
• traffic analysis;
• marketing purposes.
  More information can be found in the separate Cookie Policy.

10. CCTV

Video surveillance is implemented in the park for the safety, prevention and protection of visitors and staff.

11. Changes to the Policy

Therme Fun&Sport Park may update this Policy. In the event of material changes, notice will be posted on the website.

Acknowledged:
Manager of GRAND HOTELS MANAGEMENT AND MARKETING LTD.