Privacy Policy

Last updated: 15 April 2026

This Privacy Policy describes how IDS Bulgaria Ltd. (“we”, “us”, “our”) collects, uses, discloses, and protects your personal data when you use the websites idsbulgaria.com, idsbulgaria.bg, and the platform myresa.online (the “Platform”).

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Bulgarian legislation.

License TO

Insurance

1. Data Controller

The data controller is:

IDS Bulgaria Ltd.
UIC: 204306181
Address: 12 Lyuben Karavelov Str., Burgas 8000, Bulgaria
Email: info@idsbulgaria.com

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

2.1. Identification Data

  • Full name
  • Date of birth
  • Nationality
  • Personal identification number, passport or ID details (when required)

2.2. Contact Data

  • Email address
  • Phone number
  • Address

2.3. Booking & Travel Data

  • Travel dates and destinations
  • Reservation details (hotel, flights, packages, services)
  • Information about accompanying travelers

2.4. Payment Data

  • Payment status and transaction details
    (Note: Card details are processed by third-party payment providers and are not stored by us.)

2.5. Technical Data

  • IP address
  • Device and browser type
  • Website usage data (via cookies and similar technologies)

2.6. Communication Data

  • Customer support inquiries
  • Feedback, reviews, and correspondence

3. Purposes and Legal Basis for Processing

We process your personal data for the following purposes:

3.1. Performance of a Contract (Art. 6(1)(b) GDPR)

  • To process bookings and reservations
  • To issue tickets, vouchers, and confirmations
  • To provide customer support

3.2. Legal Obligations (Art. 6(1)(c) GDPR)

  • Compliance with tax, accounting, and tourism regulations
  • Providing information to competent authorities when required

3.3. Legitimate Interests (Art. 6(1)(f) GDPR)

  • Improving our services and platform
  • Preventing fraud and misuse
  • Managing and securing our systems

3.4. Consent (Art. 6(1)(a) GDPR)

  • Sending marketing communications
  • Use of non-essential cookies

You may withdraw your consent at any time.

4. Sharing of Personal Data

We may share your personal data with:

4.1. Service Providers

  • Hotels, airlines, tour operators, and other travel providers
  • Only data necessary for delivering the service is shared

4.2. Payment Processors

  • Banks and payment service providers for processing transactions

4.3. IT and Hosting Providers

  • Providers of cloud, hosting, analytics, and technical services

4.4. Public Authorities

  • When required by law or regulatory obligations

4.5. Business Partners

  • Only where necessary and under contractual safeguards

All third parties are required to process your data in accordance with applicable data protection laws.

5. International Data Transfers

If your booking involves services outside the European Economic Area (EEA), your personal data may be transferred outside the EEA.

In such cases, we ensure appropriate safeguards, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequate protection levels

6. Data Retention

We retain personal data only as long as necessary for the purposes described above, including:

  • Duration of the contractual relationship
  • Legal retention periods (e.g. accounting and tax requirements)
  • Resolution of disputes

After this period, data will be securely deleted or anonymized.

7. Your Rights Under GDPR

You have the following rights:

  • Right of access – obtain confirmation and access to your data
  • Right to rectification – correct inaccurate or incomplete data
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interest
  • Right to withdraw consent at any time

To exercise your rights, contact us at: info@idsbulgaria.com

You also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection or another competent supervisory authority.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Ensure proper functionality of the Platform
  • Analyze usage and improve performance
  • Personalize content and marketing

You can manage your cookie preferences via your browser settings or through our Cookie Policy.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption and secure communication (SSL)
  • Access control and authentication
  • Monitoring and prevention of unauthorized access

Despite our efforts, no system can guarantee absolute security.

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant consequences for users.

11. Third-Party Links

Our Platform may contain links to third-party websites. We are not responsible for their privacy practices.

12. Communication

We may contact you regarding:

  • Booking confirmations and service-related messages (mandatory)
  • Optional marketing communications (only with consent)

You may unsubscribe from marketing communications at any time.

13. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our Platform, with the updated date indicated above.

14. Contact Us

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact us:

Email: info@idsbulgaria.com
Address: 12 Lyuben Karavelov Str., Burgas 8000, Bulgaria

Последна актуализация 15.04.2026