Butch Ltd. is a certified tour operator with registration certificate No. RK-01-7860, issued on 03.05.2018 by the Ministry of Tourism and a valid tour operator liability insurance. Butch Ltd. offers tourist services in the field of alternative tourism.

Contact details for Butch Ltd.

Address: city of Samokov region Sofia, 17 Pashenitsa St
Phone: 0888 226 339 / 0887524822
El. mail: horse_riding@abv.bg
Website: www.horse-ridin-bg.com

GENERALS
Butch Ltd, hereinafter referred to as the COMPANY for short, processes personal data in accordance with the requirements of the applicable legislation. This PRIVACY POLICY defines the relevant procedures and actions regarding the personal data collected by the COMPANY – how and for what purpose they are used and stored, how they are deleted, as well as the conditions and purpose of providing them to third parties.
The PRIVACY POLICY may be changed and updated in order to bring it into line with possible changes in Bulgarian and applicable European legislation.

Butch Ltd complies with the following principles in processing personal data:

• lawfulness, good faith and transparency;
• collection for specific, explicitly stated and legitimate purposes;
• minimizing the data collected;
• accuracy and up-to-dateness of the data;
• limitation of the storage period, with a view to achieving the goals;
• processing in a way that guarantees an appropriate level of personal data security.

The provision of personal data by employees and contractors of the COMPANY is a mandatory legal basis.
The provision of personal data to other data subjects is a contractual basis.
In the event that a data subject does not wish to provide his data, he cannot enter into a contract, cannot be the recipient of any service and cannot receive pre-contractual information about services provided by the COMPANY and trips, for which last acts as a tour operator

PERSONAL DATA COLLECTION
The data should be provided to the COMPANY personally by the data subjects or personally by parents/guardians of minors – in writing by completing and signing declarations, contracts and annexes to them electronically.
In relation to the performance of its activities, the COMPANY collects the following personal data:
Personal data: names, social security number, number and data from an identity card/international passport, address, telephone, email address.
Sensitive personal data: health data, nutritional preferences.

PURPOSES OF PERSONAL DATA PROCESSING
To communicate with customers/counterparts of the COMPANY regarding specific tourist services and provide pre-contractual information;
To conclude contracts for tourist packages, for hotel reservations, transfers, and other tourist services;
To conclude insurances – “Medical expenses in case of illness and accident of the tourist”, “Assistance when traveling abroad” and “Cancellation of a trip”;
For concluding a contract – labor, civil and compliance with the requirements of labor legislation;
For accounting purposes and payment of remuneration;
For marketing and statistical purposes.

STORAGE OF PERSONAL DATA
Personal data is stored for a different period of time depending on the purposes for which it was collected and the requirements of the currently applicable legislation:
Customer data for the execution of specific travel contracts and reservations – 5 years, counting from the date of completion of the execution of the specific service;
Customer and counterparty data made available for storage by express consent outside the performance of a specific contract – 5 years, unless the data subject requests that it be deleted before this period expires;
Customer data for accounting purposes – 10 years + 1 year from the date of drawing up the document;

PROVISION OF PERSONAL DATA TO THIRD PARTIES
The COMPANY provides personal data to third parties only to the extent necessary to fulfill contracts and reservations of travel services and does not provide personal data to persons unrelated to the travel of the specific data subject, as follows:
Tour operators, hotels and other places of accommodation, bus companies;
Insurance companies for the needs of concluding insurances provided for in the Law on Tourism;
Guides and guides hired by the COMPANY for the purposes of communication with the participants of the particular trip;
The COMPANY provides personal data to third parties if there is a legal basis for providing the data, as follows:
NRA, NOI, KZP, Office of Occupational Medicine and other legally established recipients, when the legislation requires it;
In the event of claims related to the performance of the COMPANY’s duties as a tour operator or travel agent or the exercise of the COMPANY’s rights, personal data shall be provided to a lawyer or law firm.
The COMPANY does not provide personal data to third parties for marketing purposes.

SECURITY MEASURES
The COMPANY takes technical and organizational security measures in order to protect data against unauthorized and illegal processing, accidental loss, destruction or damage of personal data, as may be required, taking into account the state of technical development, common practice and legal requirements.

RIGHTS OF PERSONAL DATA SUBJECTS
The subject of personal data has the following rights:
To receive information about the PRIVACY POLICY of the COMPANY;
To receive confirmation as to whether and what kind of personal data are being processed, as well as access to them, depending on technical capabilities;
To ask the COMPANY to correct inaccurate personal data without undue delay, as well as to update and supplement them in case of change;
To request the deletion of his personal data, if the legal basis for their processing has ceased or the data is not necessary for the COMPANY to establish, exercise or defend against legal and other legal claims;
To request restriction of the processing of his personal data, as well as the right to object to their processing when there is no legal basis for processing personal data;
On a complaint to a supervisory body /CPLD or the competent Court/ in connection with the processing of his personal data, when the law provides for such a possibility.

The rights specified in this section can be exercised by the subject of personal data by correspondence, by sending a written request with a clearly stated reason for it.