We strongly recommend that you take the time to read this Privacy Statement and retain it for future reference.

By staying at our hotel and using related products and services, or by visiting our website and social media profiles, including by commenting on Crowne Plaza Sofia’s social media pages or commenting about Crowne Plaza Sofia on a public social media feed, you consent to the collection, use and disclosure of your personal information (as defined below) in accordance with the following terms and conditions.

Please note that we have crafted this Privacy Statement specifically for our EU-based hotel, with a primary focus on the General Data Protection Regulation (GDPR). Specific additional rights and provisions may apply to residents of certain regions, as required by applicable law. Please view our additional disclosure directed to residents of the United States and California and the UK and European Economic Area (EEA) and Nevada and the People’s Republic of China (Excluding for the purposes of this statement Hong Kong Sar, Macau Sar and Taiwan) (“PRC”) and Brazil.

This Privacy Statement also explains how you can contact us if you have a question about, want to make a change to or delete any personal information that Crowne Plaza Sofia may be holding about you.

Personal Information

For the purpose of this Privacy Statement, “personal information” means information about an identifiable individual.

What Personal Information We Collect

The personal information collected may include at least some of the following:

• Contact information (such as name, address, e-mail address and telephone number);
• Proof of identity (such as a signature or passport number);
• Financial and billing information (such as credit card number and expiration date);
• Company details (such as name, address, VAT number, contact details)
• Reservation information (such as your IHG® One Rewards number);
• Video surveillance (such as CCTV footage and profile photo for the Wellbeing Centre software).

Please note that some services within the hotel, such as massages & beauty treatments, manicures, pedicures, and hairdressing services, are offered by third-party companies. These third-party providers may collect additional personal information for their services and if you have concerns or need information about the data collected by these providers, kindly reach out to them directly, as our hotel is not responsible for their data handling.

How We Use Your Personal Information

We use your personal information to:

• Book and confirm your hotel reservations, including those made via email, phone, or walk-in, with the exception of online reservations. Kindly note that all online reservations are made through the IHG website and subject to IHG's privacy statement, which can be accessed here;
• Provide you with personalised interactive communication;
• Provide you with timely and reliable services;
• Do all the things necessary to administer those services;
• Research, develop, manage, protect and improve those services;
• Register you as a member of IHG® One Rewards loyalty programme;
• Advise you about new products and services that may be of interest to you;
• Develop and maintain our relationship with you and communicate with you;
• Bill you for our products and services;
• Collect outstanding debts;
• Assist in the investigation of a contravention of a law;
• Act in respect of an emergency that threatens the life, health or security of an individual.

When We Disclose Your Personal Information

Except with your consent, we will not sell, license, trade or rent your personal information to or with others. We may share personal information with third parties and/or business associates (including, InterContinental Hotels Group PLC and its affiliates) engaged to assist us in providing services to you or to carry out one or more of the purposes described above.

Crowne Plaza Sofia reserves the right to disclose personal information to a third party if a law, regulation, search warrant, subpoena or court order legally requires or authorises us to do so. Crowne Plaza Sofia also reserves the right to disclose and/or transfer personal information to a third party in the event of a proposed or actual purchase, sale (including a liquidation, realisation, foreclosure or repossession), lease, merger, amalgamation or any other type of acquisition, disposal, transfer, conveyance or financing of all or any portion of Crowne Plaza Sofia or of any of the business or assets or shares of Crowne Plaza Sofia or a division thereof in order for you to continue to receive the same products and services from the third party.

Knowledge and Consent

We collect personal information about you only when you voluntarily provide it. Typically, we will seek consent for the use or disclosure of your personal information at the time of collection. In certain circumstances, consent may be sought after the information has been collected but before use (for example, when we want to use information for a purpose not previously identified).

The form of consent that we seek, including whether it is express or implied, will largely depend on the sensitivity of the personal information and the reasonable expectations of the individual in the circumstances.

You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. If you wish to withdraw your consent at any time, please contact us as outlined below (see “Contacting Us and Correcting or Updating Your Information”). We will inform you of the implications of withdrawing consent.

We will not, as a condition of the supply of a product or service, require you to consent to the collection, use or disclosure of information beyond that required to fulfill the explicitly specified and legitimate purposes for which the information is being provided.

Use or Disclosure for Marketing Purposes

If you have not opted out of receiving marketing materials, we may also use (but will not disclose) your personal information to promote and market additional goods, services and special offers from us, our affiliates and/or our business associates (including InterContinental Hotels Group PLC and its affiliates), including by means of direct marketing. If you have provided your consent for us to do so, we may also disclose your personal information (including name, mailing address and e-mail address) to these affiliates and/or third party business associates so that they can send you promotional materials directly.

You can choose not to allow us to use or disclose your personal information for direct marketing purposes by indicating your preference on by contacting us as outlined below (see “Contacting Us and Correcting or Updating Your Information”).

Cookies

Our customers should be aware that information and data may be automatically collected through the standard operation of our internet servers and through the use of “cookies”. The information collected in such ways is not personal information. For detailed information about how we use cookies on our website, please refer to our Cookie Policy here.

How We Protect Your Personal Information

We make commercially reasonable efforts to ensure that personal information collected from you is protected against loss and unauthorised access. This protection applies in relation to information stored in both electronic and hard copy form. Access to your personal information is restricted to selected employees or representatives. In addition, we employ generally accepted information security techniques, such as firewalls, access control procedures and cryptography, to protect personal information against loss and unauthorised access.

Links to Third Party Sites

The website may offer links to other third party websites. You should be aware that operators of linked websites may also collect your personal information (including information generated through the use of cookies) when you link to their websites. We are not responsible for how such third parties collect, use or disclose your personal information, so it is important to familiarise yourself with their privacy policies before providing them with your personal information.

Retention and Storage of Your Personal Information

We retain your personal information for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws, and your consent to such purposes(s) remains valid after termination of our relationship with you.

Additional Disclosure for Residents of Specific Regions

As an European Union-based hotel, our privacy statement is meticulously designed to address the requirements of the General Data Protection Regulation (GDPR). If you reside in the United States, California, the UK, European Economic Area (EEA), Nevada, People's Republic of China (PRC, excluding Hong Kong SAR, Macau SAR, and Taiwan), or Brazil, specific privacy rights and provisions may apply to you under relevant laws. We are committed to upholding your privacy rights in accordance with the relevant regulations in your region. If you have questions or need clarification, please contact us using the provided contact information in this Privacy Statement.

Changes to this Privacy Statement

We reserve the right to modify this Privacy Statement at any time without notice. The Privacy Statement posted at any time via this website shall be deemed to be the Privacy Statement then in effect.

Contacting Us and Correcting or Updating Your Information

In the event that you have any questions about this Privacy Statement or if you have reason to believe that we may have failed to adhere to this Privacy Statement, you may contact us. You can also help us maintain the accuracy of your personal information by notifying us of any changes to this information. Contact us in any one of the following ways to request access to or correction or update of your personal information:

E-mail: d.churchulova@cpsofia.bg, Attention: Darena Churchulova

Telephone: + 359 2 807 07 07

Effective date: 30.01.2024

In the event of any inconsistencies, discrepancies, or differences between the English and Bulgarian versions of this Privacy Statement, the Bulgarian text shall take precedence and govern. This provision ensures that, in case of ambiguity or dispute, the interpretation and application of this Privacy Statement will be guided by the Bulgarian language version.