{"id":2720,"date":"2026-03-24T09:59:38","date_gmt":"2026-03-24T09:59:38","guid":{"rendered":"https:\/\/themill.bg\/?page_id=2720"},"modified":"2026-06-02T17:15:22","modified_gmt":"2026-06-02T17:15:22","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/themill.bg\/en\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"<div data-elementor-type=\"wp-page\" data-elementor-id=\"2720\" class=\"elementor elementor-2720\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-4867c0a e-flex e-con-boxed e-con e-parent\" data-id=\"4867c0a\" data-element_type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-0b9b94e e-flex e-con-boxed e-con e-parent\" data-id=\"0b9b94e\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-9df95ab elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"9df95ab\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">PRIVACY POLICY <\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f7a4598 elementor-widget elementor-widget-heading\" data-id=\"f7a4598\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">The Mill Boutique Hotel<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4810950 elementor-widget elementor-widget-text-editor\" data-id=\"4810950\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<ol>\n<li><strong> GENERAL INFORMATION<\/strong><\/li>\n<\/ol>\n<p><strong>Art.1.<\/strong> This document constitutes the Privacy Policy of the guests and clients of The Mill Boutique Hotel, operated by <strong>B.H.R. EOOD<\/strong>, and describes the principles and practices applied in the processing of personal data in connection with the services provided and the activities carried out by the Hotel. The Hotel processes and safeguards personal data responsibly, lawfully, and in accordance with applicable legislation.<\/p>\n<p>This Privacy Policy has been prepared in accordance with the requirements of the <strong>General Data Protection Regulation (GDPR)<\/strong> of the European Parliament and of the Council of <strong>27 April 2016<\/strong> on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95\/46\/EC.<\/p>\n<p><strong>Data Controller<\/strong><\/p>\n<p>Company name: B.H.R. EOOD<br>Company Registration Number (UIC): 201439358<br>Registered office and management address: 25 Ivan Vazov Street, 8230 Nessebar, Bulgaria<br>Place of business: Archaeological Park District 2, 8230 Nessebar, Bulgaria<br>Email address: <a href=\"mailto:info@themill.bg\">info@themill.bg<\/a><\/p>\n<ol>\n<li><strong> DEFINITIONS<\/strong><\/li>\n<\/ol>\n<p><strong>Art.2.<\/strong> For the purposes of this Policy and in accordance with the definitions set out in <strong>Article 4 of the GDPR<\/strong>, the following terms shall have the meanings described below:<\/p>\n<ol>\n<li><strong> \u201cPersonal Data\u201d<\/strong> \u2013 any information relating to an identified or identifiable natural person (\u201cdata subject\u201d).<\/li>\n<li><strong> \u201cData Subject\u201d<\/strong> \u2013 a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.<\/li>\n<li><strong> \u201cData Controller\u201d<\/strong> \u2013 a natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.<\/li>\n<li><strong> \u201cProcessing of Personal Data\u201d<\/strong> \u2013 any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, restriction, erasure, or destruction.<\/li>\n<\/ol>\n<p><strong>III. DATA SUBJECTS<\/strong><\/p>\n<p><strong>Art.3.<\/strong> In connection with the services provided, The Mill Boutique Hotel processes personal data relating to the following categories of data subjects:<\/p>\n<ol>\n<li>a) Natural persons visiting the Hotel\u2019s website: <a href=\"https:\/\/themill.bg\">https:\/\/themill.bg<\/a>;<\/li>\n<li>b) Natural persons who make reservations in their own name or on behalf of another natural or legal person through the the Hotel\u2019s website;<\/li>\n<li>c) Natural persons using the services provided by The Mill Boutique Hotel, including but not limited to hotel accommodation services, restaurant services and related hospitality services, as well as the provision of premises for the organisation of conferences and other events, including individuals representing or otherwise acting on behalf of legal entities that use these services;<\/li>\n<li>d) Natural persons who submit inquiries, requests, signals, complaints, or other correspondence, either on their own behalf or on behalf of another person, including but not limited to communications via email, telephone calls, the the Hotel\u2019s website contact form, the Hotel\u2019s social media channels, or other means.<\/li>\n<\/ol>\n<p>The services offered by The Mill Boutique Hotel may only be requested by legally capable <strong>persons who have reached the age of 18 years.<\/strong><\/p>\n<ol>\n<li><strong> TYPES OF PERSONAL DATA PROCESSED<\/strong><\/li>\n<\/ol>\n<p><strong>Art.4.<\/strong><strong> For the purposes of guest accommodation, guest registration, and restaurant services<\/strong><\/p>\n<p><strong>4.1.<\/strong><strong> Identification Data<\/strong><\/p>\n<ul>\n<li>guest names;<\/li>\n<li>date of birth;<\/li>\n<li>gender;<\/li>\n<li>nationality;<\/li>\n<li>national identification number (EGN \u2013 Unified Civil Number or LNCH \u2013 Personal Number of a Foreigner) and\/or identity document numberissue date and validity of identity documents;<\/li>\n<li>country issuing the identity document;<\/li>\n<li>signature.<\/li>\n<\/ul>\n<p><strong>4.2.<\/strong><strong> Contact Data<\/strong><\/p>\n<ul>\n<li>telephone number for contact;<\/li>\n<li>email address for reservation confirmation;<\/li>\n<li>address.<\/li>\n<\/ul>\n<p><strong>4.3.<\/strong><strong> Information related to hotel accommodation<\/strong><\/p>\n<ul>\n<li>room number;<\/li>\n<li>floor;<\/li>\n<li>duration of stay (arrival and departure dates);<\/li>\n<li>use of a tourist package;<\/li>\n<li>preferred room type;<\/li>\n<li>VIP guest status.<\/li>\n<\/ul>\n<p><strong>4.4.<\/strong><strong> Additional information related to accommodation and restaurant services<\/strong><\/p>\n<ul>\n<li>special requirements and preferences, including those relating to food products, beverages, or other substances (irrespective of the reason).<\/li>\n<\/ul>\n<p><strong>Art.5.<\/strong><strong> Data related to payments and invoicing<\/strong><\/p>\n<ul>\n<li>information regarding the payment method (cash, bank transfer, credit card, etc.);<\/li>\n<li>information regarding due and completed payments;<\/li>\n<li>information regarding payment deadlines and overdue obligations;<\/li>\n<li>bank information (bank name, IBAN, account holder);<\/li>\n<li>payment currency;<\/li>\n<li>number, validity, and holder of credit\/debit cards;<\/li>\n<li>CVC code (used solely for payment authorisation and not stored by the Hotel);<\/li>\n<li>data contained in payment authorisation forms (slips);<\/li>\n<li>company name;<\/li>\n<li>company address;<\/li>\n<li>VAT number and\/or other identification, tax, or registration number, including the Unified Civil Number (UCN) for natural persons;<\/li>\n<li>signed authorisation forms.<\/li>\n<\/ul>\n<p><strong>Art.6<\/strong><strong>. For the purposes of organising corporate or private events at the Hotel<\/strong><\/p>\n<ol>\n<li>a) Names, employer, and position of the event organiser and the contact person designated by the legal entity organising the event;<\/li>\n<li>b) Email address and telephone number of the contact person;<\/li>\n<li>c) Information regarding the services to be used, the entity responsible for payment, and similar information.<\/li>\n<\/ol>\n<p><strong>Art.7<\/strong><strong>. In connection with the services and functionalities of the Hotel\u2019s website<\/strong><\/p>\n<p><strong>7.1.<\/strong><strong> &nbsp;Data related to hotel reservations<\/strong><\/p>\n<ul>\n<li>guest name;<\/li>\n<li>email address;<\/li>\n<li>telephone number;<\/li>\n<li>country;<\/li>\n<li>credit\/debit card number, validity, and holder;<\/li>\n<li>CVC code (used solely for payment authorisation and not stored by the Hotel);<\/li>\n<li>number of rooms;<\/li>\n<li>number of guests (including number of adults and children);<\/li>\n<li>duration of stay;<\/li>\n<li>corporate code \/ access code;<\/li>\n<li>discount code;<\/li>\n<li>reservation number;<\/li>\n<li>special offers and guest preferences.<\/li>\n<\/ul>\n<p><strong>7.2.<\/strong><strong>&nbsp; Communication data<\/strong><\/p>\n<p>Content of communications and inquiries addressed to Hotel staff through the Hotel\u2019s social media profiles (including Facebook, Instagram, LinkedIn, and others).<\/p>\n<p><strong>7.3.<\/strong><strong>&nbsp; Technical and system log information<\/strong><\/p>\n<p>Information obtained from access logs to user accounts, server logs, and security system logs (for example, Web Application Firewall logs), including:<\/p>\n<ul>\n<li>date and time;<\/li>\n<li>IP address;<\/li>\n<li>accessed URL;<\/li>\n<li>browser type and device information.<\/li>\n<\/ul>\n<p><strong>7.4.<\/strong><strong>&nbsp; Cookies<\/strong><\/p>\n<p>The proper functioning of the Hotel\u2019s website requires the use of cookies. Detailed information regarding the cookies used, their purpose, and the information processed through them can be found in the <strong>Cookie Policy<\/strong> (hyperlink) of The Mill Boutique Hotel.<\/p>\n<p>Pursuant to <strong>Art<\/strong><strong>.<\/strong><strong> 116(2) of the Tourism Act of the Republic of Bulgaria<\/strong>, all categories of data described above are necessary for the provision of the services and are stored for a period of <strong>five (5) calendar years<\/strong>.<\/p>\n<ol>\n<li><strong> VIDEO SURVEILLANCE AND SECURITY<\/strong><\/li>\n<\/ol>\n<p><strong>Art.8.<\/strong> In accordance with the requirements of the applicable legislation, The Mill Boutique Hotel implements security measures that include technical and organisational means for access control and for ensuring physical security against unlawful interference with the buildings and premises, as well as for the protection of the life and health of individuals. These measures include a video surveillance system operating 24 hours a day, consisting of recording and storage devices.<\/p>\n<p><strong>8.1.<\/strong> <strong>Video surveillance and recording <\/strong>may be carried out in publicly accessible areas and premises within the buildings of The Mill Boutique Hotel, as well as in areas subject to a special access regime. The recorded data are stored on DVR or NVR devices, with restricted access granted only to authorised persons who are entitled to access and process personal data.<br>Video surveillance is not conducted in guest rooms, sanitary facilities, staff rest areas, or other similar premises.<\/p>\n<p><strong>8.2.<\/strong> <strong>Video recordings of individuals <\/strong>are stored for a period of <strong>up to two (2) months<\/strong> from the date of recording, after which they are automatically deleted, unless a longer retention period is required in order to comply with a legal obligation of the Hotel.<\/p>\n<p><strong>8.3.<\/strong><strong> Data subjects and other visitors <\/strong>who may be recorded are informed about the use of video surveillance systems through information signs placed in visible locations, providing notice of the use of such technical means and other relevant information regarding the surveillance.<\/p>\n<ol>\n<li><strong> PRINCIPLES AND PURPOSES OF PERSONAL DATA PROCESSING<\/strong><\/li>\n<\/ol>\n<p><strong>Art.9.<\/strong> <strong>The Mill Boutique Hotel<\/strong>, operated by <strong>\u201cB.H.R.\u201d Ltd.<\/strong>, collects and processes personal data lawfully, fairly, and in accordance with the principles and rights of individuals relating to the processing of their personal data in the following cases:<\/p>\n<p><strong>9<\/strong><strong>.1. Processing necessary for compliance with a legal obligation<\/strong><\/p>\n<ol>\n<li>a) maintaining a register of accommodated tourists and submitting information from it to the competent authorities in accordance with the applicable legal procedures;<\/li>\n<li>b) calculation and payment of the tourist tax;<\/li>\n<li>c) handling and responding to signals, complaints, requests for the exercise of rights, and other similar communications;<\/li>\n<li>d) accounting, invoicing, and reporting of received and executed payments in accordance with the applicable tax and accounting legislation;<\/li>\n<li>e) other activities related to compliance with legal obligations of the Hotel (including tax, accounting, regulatory, licensing and similar obligations), including providing information and assistance during inspections by competent authorities.<\/li>\n<\/ol>\n<p><strong>9<\/strong><strong>.2. Processing necessary for the performance of a contract<\/strong><\/p>\n<p>Processing is necessary for the performance of a contract (including orders) to which a natural person is a party, or in order to take steps at the request of a natural person prior to entering into a contract where identification of that person is required.<\/p>\n<ol>\n<li>a) receiving, administering, and processing reservations and cancellations;<\/li>\n<li>b) customer service, including the provision of online services via the Hotel\u2019s website;<\/li>\n<li>c) communication related to the services provided;<\/li>\n<li>d) ensuring an individualised approach in the provision of services in accordance with the preferences expressed by the users;<\/li>\n<li>e) administration and receipt of payments for the services provided, including remote payments;<\/li>\n<li>f) financial and accounting activities, including the administration, processing, and collection of payments due for the services provided;<\/li>\n<li>g) refunding erroneously transferred amounts;<\/li>\n<li>h) conclusion, performance, and termination of employment contracts, as well as calculation of salaries and compensation for employees;<\/li>\n<li>i) conclusion and performance of contracts with suppliers who are natural persons;<\/li>\n<li>j) direct marketing activities for the purposes of sales and providing personalised offers, news, and promotions that may be of interest to you. This may include sending marketing communications via email, SMS, telephone calls, or other communication channels.<\/li>\n<\/ol>\n<p>Processing of personal data for marketing purposes is carried out only on the basis of the explicit consent of the data subjects, who have the right to withdraw their consent at any time by contacting us or by using the unsubscribe option included in every marketing message.<\/p>\n<p><strong>9<\/strong><strong>.3. Processing based on explicit consent<\/strong><\/p>\n<p>A natural person has given their <strong>explicit consent<\/strong> for:<\/p>\n<ol>\n<li>a) receiving marketing and promotional communications regarding special offers, packages, events, and similar activities;<\/li>\n<li>b) participation in surveys and providing feedback regarding the quality of the services;<\/li>\n<li>c) receiving newsletters and other informational communications.<\/li>\n<\/ol>\n<p><strong>9<\/strong><strong>.4. Processing necessary for the purposes of legitimate interests<\/strong><\/p>\n<p>Processing is necessary for the purposes of the legitimate interests pursued by The Mill Boutique Hotel or by a third party, in accordance with the provisions of the GDPR.<\/p>\n<ol>\n<li>a) exercising and protecting the lawful rights and interests of the Hotel, its clients, employees, business partners, and persons processing personal data on behalf of The Mill Boutique Hotel;<\/li>\n<li>b) analysis, planning, and improvement of the quality of the services provided by the Hotel;<\/li>\n<li>c) ensuring the proper functioning and use of the Hotel\u2019s website;<\/li>\n<li>d) carrying out and ensuring the provision of high-quality hotel and restaurant services.<\/li>\n<\/ol>\n<p><strong>9<\/strong><strong>.5. Legal purposes and compliance<\/strong><\/p>\n<p>In certain cases, it may be necessary to use the information provided, which may include personal data, in order to process and resolve legal disputes or claims, for regulatory investigations and compliance purposes, to enforce agreements, or to comply with lawful requests from law enforcement authorities, where required by law.<\/p>\n<p><strong>9<\/strong><strong>.6. Other cases provided for in the Regulation<\/strong><\/p>\n<p>Processing may also be carried out in other cases provided for in the <strong>General Data Protection Regulation (GDPR)<\/strong>.<\/p>\n<p><strong>Art.10<\/strong> <strong>The Mill Boutique Hotel<\/strong> ensures that the processing of personal data of individuals is carried out with maximum accuracy and kept up to date where possible. Access to and processing of personal data is limited to the minimum number of authorised persons (operators) who possess the necessary competence to process such data and the required commitment to ensure their protection.<\/p>\n<p><strong>VII. RECIPIENTS AND CATEGORIES OF RECIPIENTS<\/strong><\/p>\n<p><strong>Art.11.<\/strong> In connection with the implementation of the principles and purposes described above, The Mill Boutique Hotel may provide personal data of individuals to the following recipients:<\/p>\n<ol>\n<li>a) the <strong>National Revenue Agency (Bulgaria)<\/strong> in connection with the calculation of employee salaries;<\/li>\n<li>b) the National Social Security Institute (Bulgaria) in connection with the calculation of employee benefits and compensations;<\/li>\n<li>c) occupational health service providers in connection with the obligation to maintain up-to-date health status records of employees and to conduct periodic medical examinations;<\/li>\n<li>d) the <strong>General Labour Inspectorate Executive Agency (Bulgaria), the National Social Security Institute (Bulgaria), and the Ministry of Interior (Bulgaria)<\/strong> in connection with occupational accidents;<\/li>\n<li>e) the <strong>Unified Tourist Information System (ESTI),<\/strong> which is the centralised register where information regarding accommodated tourists is entered in accordance with the Tourism Act;<\/li>\n<li>f) other state or municipal authorities and\/or institutions in connection with legal obligations or lawful requests for information containing personal data;<\/li>\n<li>g) subcontractors engaged for the performance of contractual obligations.<\/li>\n<\/ol>\n<p><strong>VIII. REFUSAL TO PROVIDE PERSONAL DATA<\/strong><\/p>\n<p><strong>Art.12.<\/strong> The provision of the relevant personal data and\/or documents is mandatory and constitutes a requirement necessary for the conclusion or performance of a contract.<\/p>\n<p><strong>12<\/strong><strong>.1.<\/strong> Refusal to provide the required data or documents, or the provision of inaccurate information, may constitute an objective obstacle to the provision of services or may lead to suspension of access to services by the Hotel. In such cases, The Mill Boutique Hotel shall not be held liable for non-performance.<\/p>\n<p><strong>12<\/strong><strong>.2.<\/strong> Data subjects should not provide the Hotel with any special categories of personal data within the meaning of <strong>Articles 9 and 10 of the GDPR,<\/strong> including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, or data concerning a natural person\u2019s sex life or sexual orientation, as well as personal data relating to criminal convictions and offences.<\/p>\n<p><strong>12<\/strong><strong>.3.<\/strong> Where additional clarification is required, any data subject may request such information directly from The Mill Boutique Hotel or submit an inquiry using the contact details provided at the end of this Policy.<\/p>\n<ol>\n<li><strong> DATA RETENTION PERIODS<\/strong><\/li>\n<\/ol>\n<p><strong>Art. <\/strong><strong>13<\/strong><strong>. The Mill Boutique Hotel<\/strong> processes and stores personal data in accordance with its internal rules and procedures and the applicable legislation for the following periods:<\/p>\n<ol>\n<li>a) Data contained in the register of accommodated tourists within the meaning of <strong>Article 116 of the Tourism Act of the Republic of Bulgaria<\/strong>, including identification data of accommodated persons and information related to hotel accommodation, shall be stored in accordance with the procedures and retention periods provided for in the Tourism Act and the relevant secondary legislation;<\/li>\n<li>b) Information related to requested and used hotel accommodation services, event services, and restaurant services, including cancelled hotel reservations (insofar as they relate to the reimbursement of prepaid amounts and\/or the retention of due amounts), shall be retained from the time the respective reservation or request is made for a period of <strong>up to five (5) years<\/strong> following the provision of the service, completion of the contract, or cancellation of the reservation;<br>Where the services are requested and used on the basis of a contract with continuous or long-term performance, the retention period shall commence upon the final completion and\/or termination of the contract.<\/li>\n<li>c) Financial and accounting documents, including invoices, authorisation forms, and other information related to tax and social security control, shall be retained for a period of <strong>up to ten (10) years<\/strong>, calculated from the beginning of the year following the year in which the payment obligation for the respective year becomes due;<\/li>\n<li>d) Unstructured communication, including correspondence, complaints, signals, and other similar communications, shall be retained for <strong>five (5) years<\/strong>;<\/li>\n<li>e) Video surveillance recordings shall be retained for <strong>up to two (2) months<\/strong>;<\/li>\n<li>f) Data processed on the basis of the explicit consent of the data subject shall be stored from the moment the consent is granted until such consent is withdrawn by the data subject;<\/li>\n<li>g) System logs, including logs related to security, technical maintenance, and other operational activities, which may contain data such as date and time, IP address, accessed URL, as well as information regarding the version of the browser and device used, shall be retained for <strong>up to one (1) year<\/strong>;<\/li>\n<li>h) Until deletion is requested by the respective natural person, where a legal basis exists for such request.<\/li>\n<\/ol>\n<p><strong>13.1.<\/strong> The personal data specified in this Policy may be processed for a longer period than those stated above, where this is necessary for the achievement of the purposes set out herein or for the protection of the rights and\/or legitimate interests (including through judicial proceedings) of The Mill Boutique Hotel, or where the applicable legislation requires the processing of such data for a longer period.<\/p>\n<p><strong>13.2.<\/strong> In all cases, The Mill Boutique Hotel shall ensure that at least once per year a review of the collected and processed personal data is carried out, and any data that falls within the above categories and whose retention period has expired shall be deleted without undue delay.<\/p>\n<ol>\n<li><strong> RULES FOR THE PROCESSING OF PERSONAL DATA<\/strong><\/li>\n<\/ol>\n<p><strong>Art. 9. <\/strong>Personal data shall be processed with the necessary levels and measures of protection. The Mill Boutique Hotel ensures appropriate levels of physical, organisational, and technological protection, taking into account:<\/p>\n<ol>\n<li>a) the nature, scope, context, and purposes of the personal data processing;<\/li>\n<li>b) the likelihood, level of impact, and severity of risk to the rights and freedoms of natural persons in the event of a breach of the security of the processed personal data;<\/li>\n<li>c) the financial and organisational capabilities of the Hotel;<\/li>\n<li>d) the implementation of all necessary measures for the timely restoration of collected and processed personal data in the event of loss resulting from accidental, malicious, or force majeure events;<\/li>\n<li>e) the implementation of appropriate technical, organisational, and technological measures to ensure controlled and traceable access to the personal data of natural persons.<\/li>\n<li><strong> RIGHTS OF DATA SUBJECTS<\/strong><\/li>\n<\/ol>\n<p><strong>Art. 10. <\/strong>In connection with the processing of personal data, each data subject has the following rights:<\/p>\n<ol>\n<li>a) the right to be informed regarding the processing of personal data;<\/li>\n<li>b) the right of access to personal data processed by the Hotel;<\/li>\n<li>c) the right to rectification of inaccurate personal data;<\/li>\n<li>d) the right to erasure of personal data (\u201cthe right to be forgotten\u201d);<\/li>\n<li>e) the right to restriction of processing of personal data;<\/li>\n<li>f) the right to be informed of actions taken in response to a request for rectification, erasure, or restriction of the processing of personal data;<\/li>\n<li>g) the right to data portability;<\/li>\n<li>h) the right to object to the processing of personal data;<\/li>\n<li>i) the right not to be subject to automated individual decision-making, including profiling, without human intervention.<\/li>\n<\/ol>\n<p><strong>CONTACT DETAILS OF THE COMPANY<\/strong><\/p>\n<p>If you have any questions or require clarification regarding the processing of your personal data, or if you wish to exercise any of your rights, you may contact us at:<\/p>\n<div>\n<ul>\n<li>Address: Archaeological Park District 2, 8230 Nessebar, Bulgaria<\/li>\n<li>Email: <a style=\"color: #b99d4b; text-decoration: underline;\" href=\"mailto:info@themill.bg\">info@themill.bg<\/a><\/li>\n<li>Telephone: +359 88800880<\/li>\n<\/ul>\n<\/div>\n<p><strong>COMPETENT SUPERVISORY AUTHORITY<\/strong><\/p>\n<p>Within the territory of the Republic of Bulgaria, the competent supervisory authority is the Commission for Personal Data Protection.<\/p>\n<p>If you believe that your rights related to the protection of your personal data have been violated, you have the right to lodge a complaint with the supervisory authority at:<\/p>\n<ul>\n<li><strong>Address:<\/strong> 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria<br>\u2022 <strong>Email:<\/strong> kzld@cpdp.bg<br>\u2022 <strong>Telephone:<\/strong> +359 2 91 53 518<\/li>\n<\/ul>\n<p><strong>This Privacy Policy enters into force on:<\/strong> 1 April 2026<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>PRIVACY POLICY The Mill Boutique Hotel GENERAL INFORMATION Art.1. This document constitutes the Privacy Policy of the guests and clients of The Mill Boutique Hotel, operated by B.H.R. EOOD, and describes the principles and practices applied in the processing of personal data in connection with the services provided and the activities carried out by the [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-2720","page","type-page","status-publish","hentry"],"acf":[],"lang":"en","translations":{"en":2720,"bg":856},"_links":{"self":[{"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/pages\/2720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/comments?post=2720"}],"version-history":[{"count":23,"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/pages\/2720\/revisions"}],"predecessor-version":[{"id":5625,"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/pages\/2720\/revisions\/5625"}],"wp:attachment":[{"href":"https:\/\/themill.bg\/en\/wp-json\/wp\/v2\/media?parent=2720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}