Astoria Grand Hotel

Astoria Grand Hotel, Sofia is managed by Astoria Group EOOD, Bulstat: 203033872

Legal information

Astoria Group Ltd.
BG203033872
203033872
Elza Radkova
Sofia, 8 Totleben Blvd.
Bulgaria

reservations@astoriagrandhotel.bg
Bank: United Bulgarian Bank AD
BIC CODE: UBBSBGSF
Account in BGN: IBAN BG08UBBS80021016556040

Actions for making payments via the Internet

You can pay for your products with VISA and MASTERCARD credit cards, VISA Electron international debit cards, VPAY, MAESTRO national debit cards with the BORICA logo.
With this choice, your payment is processed in real time, there is no delay in the order and payments are free of charge!

Virtual POS terminal supports the latest security programs of MasterCard (MasterCard SecureCode) and VISA (Verified by VISA). These are additional protection when shopping online, and it is necessary to enter a password for 3D authentication when paying online. If you have a credit card, ask your issuing bank about the VISA and MASTERCARD security programs, and register your 3-D password for more secure online payments.

Please note that in no way do we have access to or record the card information you enter when paying online – card number, validity, CVV2 or CVC2 credit card code, 3-D password, secret code for online payment with MAESTRO debit card with the Borika logo.

If you have not shopped online with a MAESTRO debit card with the BORICA logo, you need to generate a secret code for online payments. You can read additional information on the BORICA website: http://www.borica.bg/

Online payment by credit and debit cards

  1. 1. Once you have filled in the required information in the form, finalizing the transaction by clicking the “PAYMENT“ button, you will be transferred to the secure SSL payment server, where the online payment is made.

    2. Select a card with which you will make the payment.
    Select the “Card type“ you will use to make the online payment from the drop-down menu.

    3. Necessary data for payment by debit card
    After selecting from the menu “Card type“ it is necessary to fill in the fields “Card number“ and “Valid until“ (field format is MM / YY) and “CVV2 / CVC2 code“.

    To finalize your debit card payment, you may need to enter a “Secret Code“ for online payments. You can generate the secret code from an ATM device or in the ways described at: http://www.borica.bg/. Once you have filled in the “Secret Code“ field, click the “pay“ button to finalize the online payment.

    If your credit card is additionally protected with a 3-D password SecureCode for cards with the MasterCard logo and Verified by Visa for online payments, you will need to enter the 3D authentication password before finalizing the online payment.

    Your CVV2 / CVC2 for online payments is written on the back of your card, in the signature field. The code is the last three digits of the number written there.

    4. The payment server authorizes the payment and debits the available funds on the client’s card with the transaction price.

    5. The payment server returns a response as to whether the operation was successful

Cancellation policy

Non Refundable rate
The reservation cannot be canceled.
In case of cancellation, the penalty is equal to the full value of the reservation.

Flexible tariff
The reservation can be canceled or modified up to 24 hours before the day of arrival, without penalty.
In case of cancellation outside the set period, the penalty is equal to the value of 1 night.

Return policy

Upon cancellation, the relevant policy is applied, for the specific period of accommodation, to the tariff that was applied when creating the reservation.

The policy for refund in connection with payments made by bank card

Amounts charged on reservations to guests who have canceled or overpaid the amounts due on their reservations, in accordance with the cancellation policy and the tariff under which they are made, are refunded within 10 working days from the date of receipt of the cancellation by written agreement between the parties. the amount to be recovered.

Reimbursement period

The term for reimbursement of amounts paid with bank cards is up to 10 working days from the date on which the exact amount is agreed between the parties (client and hotel).

MEASURES TO PROTECT THE PERSONAL DATA OF CARD HOLDERS

  1. 1. Personal data within the meaning of Regulation / EU / 2016/679 of the European Parliament and of the Council of Europe of 27 April 2016 / Regulation / and the Personal Data Protection Act is any information relating to a natural person who is identified or can be identified directly or indirectly by an identification number or by one or more specific features.

    1.1. Astoria Group Ltd., UIC 200615942, with registered office and address of management: Sofia, p.k. 1606, 8 Gen. Totleben blvd., represented by Elza Radkova, is an administrator of personal data on the provision of tourist services in the Astoria Grand Hotel managed by the company, with address : 8 Gen. Totleben blvd., Sofia, Bulgaria; tel .: +359 2 906 31 00, website: www.astoriagrandhotel.bg
    The contact person in connection with the processing of personal data by is Diana Gerginova.

    2. Astoria Group Ltd. collects, processes and stores personal data in order to provide tourist services and services such as individual trips, organized trips, hotel accommodation and others. Astoria Group Ltd. collects personal data directly from the persons to whom it provides tourist services, and the personal data are stored responsibly and lawfully.
    The provision of personal data is voluntary.

    2.1. 2.1 Astoria Group Ltd. collects, processes and stores personal data on the basis of:

    2.1.1. 2.1.1. Explicit consent of the data subject.

    2.1.2. 2.1.2. Fulfillment of contractual obligations.

    2.1.3. 2.1.3. Fulfillment of legal obligations that apply to Astoria Group Ltd.

    2.2. 2.2. As a controller of personal data and in order to facilitate and quickly pay for the provided tourist services, the subjects of personal data can take advantage of the opportunity to pay for the requested tourist services by bank transfer via credit / debit card. In view of the provided opportunity for payment by bank transfer via credit / debit card, Astoria Group Ltd. also processes the following category of personal data and information:

    2.2.1. 2.2.1. Credit / debit card information, namely card type and number, cardholder’s name, validity date and security code.

    2.2.2. 2.2.2. Financial information or invoice data.

    3. Astoria Group Ltd. takes care of protection and prevention of unauthorized access, improper use, change, destruction or accidental loss of the cardholders’ bank data. This includes the use of special security rules by the employees of Astoria Group Ltd. , who have access to servers and databases in which the personal information of the cardholders is stored.

    3.1. 3.1. Astoria Group Ltd. is obliged to notify the personal data subject / cardholder / if:
    – there is a high-risk breach of the rights and freedoms of the data subject, as well as what measures have been taken to control the breach;
    – there is an infringement that will not lead to a high risk for the rights and freedoms of the data subject, as well as for the measures taken to ensure the termination of the infringement.

    4. In order to maximally protect the provided personal bank data, Astoria Group Ltd. has taken extensive technical and organizational precautionary measures to avoid accidental or intentional manipulation, accidental loss, illegal destruction or unauthorized access by unauthorized persons, modification or distribution, as well as from other illegal forms of processing of the provided personal data by the cardholder. Security procedures are regularly reviewed and reviewed to take account of technological advances. Процедури за сигурност редовно се проверяват и преразглеждат, за да се вземе предвид технологичния напредък.

    5. For maximum protection of the personal bank data provided to the cardholders, Astoria Group Ltd. has taken the following technical and organizational measures: 5.1. The forms for providing consent for the collection, storage and processing of personal data, including bank data, filled in by the clients are included in a documentary register and are stored in special cabinets. Access to the cabinets is controlled by authorized persons, locking of the premises and cabinets, security alarm, security and alarm system. 5.2. The electronic information register is built in the form of files. The databases are accessible only by authorized persons and only to the data and resources necessary for the performance of their duties. 5.3. The access to the information system is carried out only after authorization with a unique name and password. Restricting access to the information system containing personal data is limited by introducing access levels. When transmitting information electronically, protection is provided by encrypting, archiving and subsequently recovering the data in order to protect it from loss or destruction. It is possible to monitor each operation, as well as the date and time of its execution, protection of the information system through anti-virus programs and a firewall. 5.4. The processing of personal data, including bank data, is carried out in compliance with the requirements of the Regulation and the Personal Data Protection Act.

    5. For maximum protection of the personal bank data provided to the cardholders, Astoria Group Ltd. has taken the following technical and organizational measures: 5.1. The forms for providing consent for the collection, storage and processing of personal data, including bank data, filled in by the clients are included in a documentary register and are stored in special cabinets. Access to the cabinets is controlled by authorized persons, locking of the premises and cabinets, security alarm, security and alarm system.

    5.2. The electronic information register is built in the form of files. The databases are accessible only by authorized persons and only to the data and resources necessary for the performance of their duties.

    5.3. The access to the information system is carried out only after authorization with a unique name and password. Restricting access to the information system containing personal data is limited by introducing access levels. When transmitting information electronically, protection is provided by encrypting, archiving and subsequently recovering the data in order to protect it from loss or destruction. It is possible to monitor each operation, as well as the date and time of its execution, protection of the information system through anti-virus programs and a firewall.

    5.4. The processing of personal data, including bank data, is carried out in compliance with the requirements of the Regulation and the Personal Data Protection Act.

    6. Astoria Group Ltd. may disclose the personal data of the cardholders only to persons and bodies specified in a normative act, in order to fulfill its legal obligations.

    6.1. No transfer of personal data to cardholders to third parties is performed, unless Astoria Group Ltd. is legally obliged to do so, or the transfer of data is necessary for the performance of the contractual relationship or the cardholder has previously given explicit consent for transfer. of his data.

    7. The personal bank data of the cardholder shall be deleted as soon as the purpose for which they were stored has already been fulfilled or is not valid. Storage may also take place if required by European or national legislation. Personal bank data are also deleted / deleted / if the statutory storage period prescribed by regulations expires, unless it is necessary to continue the storage of data for the purposes of concluding or executing a contract.