Privacy policy

WE CARE ABOUT THE PROTECTION OF YOUR PERSONAL DATA

What is the purpose of this document?
This Privacy Policy summarizes the key aspects related to the protection of your personal data and how we process it. For more information regarding specific processes, you can contact us using the details provided below.

Who are we?
"Martini BG" Ltd. is a commercial company registered in the Commercial Register at the Registry Agency under UIC 207783184, with its headquarters and management address: Varna, Slivnitsa Blvd. 33, phone: +359 876 373635, email: chernomore@martini.bg. The company is a data controller within the meaning of the General Data Protection Regulation (Regulation (EU) 2016/679) and the Personal Data Protection Act.

What information can you find in this Privacy Policy?
This Privacy Policy provides clear and accessible information about how we process the personal data you provide to "Martini BG" Ltd. (referred to as "Martini"), including:

• What personal data we collect about you;

• The purpose of collecting it;

• How long we store the provided personal data;

• Where we store your personal data and what security measures we take;

• With whom we share your personal data;

• Whether we use automated decision-making and profiling;

• How we notify you of changes to this Policy;

• What cookies we use on our website;

• What your rights are in relation to your personal data.

What is personal data?
Personal data is any information through which an individual can be directly or indirectly identified.

What personal data does Martini collect about you and for what purposes?
To provide you with effective access to our services, Martini collects certain information and personal data. These fall into the following main categories:

I. Information you provide voluntarily

• When making a reservation at www.reservation.martini.bg

• To contact you regarding service usage;

• To notify you about changes to the Terms or this Policy;

II. Information from using services without registration

• To process a reservation request;

• For confirmation and communication with the selected commercial establishment;

• To respond to inquiries and resolve issues;

III. Information from the contact form on the site (if applicable)

• To process inquiries, complaints, and compliments;

• To analyze and improve services;

• To prevent fraud and violations of the Terms.

IV. Transaction information during reservation (if applicable)

• To process the reservation and prepare a bill. When the business managing the commercial venue you are booking (by directly calling the venue) requires reservation guarantees (e.g., prepayment of a deposit or penalties for no-shows), you provide your bank card details in the online payment system. We receive:

  • A verification of the card via a zero-amount transaction;

  • A token (key) to your bank card (we do not store or process any other data except the last four digits, expiry date, and card type). This token enables a transaction of an amount not exceeding the deposit/penalty outlined by the merchant.

• To forward information to the selected venue;

• To send updates regarding the reservation;

• To respond to inquiries and resolve issues;

• To analyze and improve services;

• To prevent fraud and misuse.

VI. Feedback information

• To respond to questions and comments;

• To publish your ratings and reviews of venues – only with your explicit consent;

• For internal analysis to improve services.

VII. Activity and usage data on the platform (if these functionalities are enabled)

• To enhance the user experience;

• To provide a history and details of previous orders;

• To access other requested services.

VIII. Cookies and similar technologies

• To measure and analyze service performance;

• To personalize and target ads on other platforms;

• To provide location-based services (only if you share your location).

IX. Information from third parties

• From marketing analysis to evaluate campaign effectiveness;

• To better understand your preferences and personalize services.

Types of personal data we process include:

• Name, surname, phone, email – when registering, booking, or submitting an inquiry;

• Reservation information;

• Bank card information – last four digits, expiry date, card type, transaction token;

• Technical data – IP address, device, browser;

• Data from mobile apps – including IMSI and GPS coordinates;

• Cookie data – for identifying the browser or device.

What does processing of personal data mean?
Processing personal data includes any action performed with it, such as collection, storage, use, transmission, correction, updating, deletion, or destruction.

On what grounds does Martini process your personal data?
The legal basis depends on the specific context of data collection. Main grounds include:

• Contract fulfillment – e.g., when making a reservation through our platform;

• Legitimate interest – e.g., to improve services or protect against abuse, provided this does not override your rights;

• Legal obligation – e.g., in legal proceedings;

• Vital interest – e.g., protecting your or someone else's life;

• Consent – e.g., for receiving marketing messages. Consent is given during registration or via a relevant form and can be withdrawn anytime by email to chernomore@martini.bg, by mail to our address, or via the unsubscribe link in the email.

How do we collect your personal data?
We process your data through:

• Forms and applications completed on our website;

• Use of our web portal and mobile applications;

• Online identifiers – IP addresses, cookies, device and browser data.

Automated decision-making and profiling
We may use information about your activity on the platform (e.g., reservation history). This does not include automated decision-making that has legal or significant effects on you.
You can object to this processing or request more information by contacting us via the details in the "How to contact us" section.

How long do we keep your personal data?
Martini stores your personal data only for the necessary duration, based on the purpose of collection. Retention periods:

• Up to 5 years after termination of the contractual relationship, when data is processed on that basis;

• For reservation guarantees – the token (used to charge your card if needed) is stored for no more than 48 hours after the reservation date. In case of failed transactions, this period may be extended up to one week. After that, the merchant can no longer use the token to collect payment.

• For legal obligations and archiving – only as required by law.

After the relevant period expires, your data is deleted from our systems.

How do we protect your personal data?
Martini implements technical and organizational measures to protect personal data, including:

• Data encryption during transfer and storage;

• Employee training on security and confidentiality;

• Strict internal rules to limit access;

• Providing data to government bodies only when legally required or with your explicit consent.

To whom can we disclose your personal data?

Martini does not sell or disclose your personal data to third parties, except in the following cases:

• To selected partners and service providers – only to the extent necessary for providing the services (such as reservation systems, payment service providers, hosting providers);

• To the merchant managing the commercial venue – for the purpose of confirming your reservation and communicating directly with you;

• To competent authorities – when required by law or in response to legal procedures.

Do we transfer your personal data outside the EU/EEA?
As a general rule, Martini does not transfer your personal data outside the European Union (EU) or the European Economic Area (EEA). If such a transfer is necessary, it will be done in compliance with the legal requirements for data protection, including through standard contractual clauses approved by the European Commission.

What are your rights regarding your personal data?
You have the following rights:

• Right to access – to receive confirmation of whether your personal data is being processed and, if so, to receive a copy of that data;

• Right to rectification – to request correction of inaccurate or incomplete data;

• Right to erasure – to request deletion of your personal data in certain cases;

• Right to restriction of processing – to request limiting the processing of your data under certain conditions;

• Right to data portability – to receive your personal data in a structured, commonly used, and machine-readable format;

• Right to object – to object to the processing of your personal data based on legitimate interest;

• Right to withdraw consent – at any time, for processing based on consent;

• Right to lodge a complaint – with the Commission for Personal Data Protection if you believe your rights have been violated.

How to contact us?
If you have questions or wish to exercise any of your rights regarding personal data, you can contact us in one of the following ways:

• By phone: +359 876 373635

• By email: chernomore@martini.bg

• By mail: Varna, 33 Slivnitsa Blvd.

If you believe your rights as a consumer or regarding the protection of your personal data have been violated, you may contact the relevant authorities:

Commission for Consumer Protection – Varna Regional Office
Address: 9000 Varna, 112 Vladislav Varnenchik Blvd., 4th floor
Phone: +359 (052) 603 778
Website: www.kzp.bg

Commission for Personal Data Protection
Address: 1592 Sofia, 2 Prof. Tsvetan Lazarov Blvd.
GPS coordinates: N 42.668839 E 23.377495
Email: kzld@cpdp.bg
Website: www.cpdp.bg
Working hours: 9:00 – 17:30

Policy updates
We may update this Privacy Policy from time to time. When we do, we will notify you by updating the date of the document and, where appropriate, by other means such as email. We recommend that you regularly review the Policy to stay informed about how we protect your personal data.