top of page



This Privacy Statement describes how we use or otherwise process Personal Data we collect from you.


This Privacy Statement does not apply to any products, services, websites, or apps that are owned and operated by third parties or are subject to their own privacy policies.

If you have any questions about this Privacy Statement or Blue Gate’s privacy management practices, please contact us at

Capitalized terms used in this Privacy Statement will have the meanings set forth below. Lower case terms not defined in this Privacy Statement, such as “processing”, “controller”, “processor”, and “data subject” will have the same meaning as set forth in Article 4 of the GDPR.


Blue Gate means Blue Gate OOD, a Bulgarian limited liability company, whose registered address is selo Tsatsarovtsi, Dragoman municipality, Bulgaria, postal code 2220, Business number (ЕИК) 205567412.


Customer (also “you”, your”) means any person who accesses our website and/or reserves one or more Services via our website or other online platforms such as partners’ websites and social media (including through email or telephone contact).


GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).


Personal Data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


Service means each of the services or products offered by us from time to time.


Personal Data We May Collect from You


We collect your Personal Data (a) directly from you, (b) through our interactions with us, including when you contact or request information from us using the form provided on our website or when you report a problem with our services, and (c) when you make your personal data public (for example, when you make a public post on social media or when you comment or leave a review on any of our Services). 


We may collect and use the following Personal Data about you:

  • your name;

  • contact information, such as your e-mail address and phone number;

  • email and other online communication;

  • any other Personal Data that you voluntarily choose to provide to us;


We may also collect additional identification information from you to comply with government regulations.


Our Purposes for Collecting and Processing Personal Data

We collect and process Personal Data for the primary purpose of providing you with our Services, including for the following purposes:

  • to verify your identity;

  • to communicate with you (e.g., respond to your request for information);

  • to confirm your reservation or booking;

  • billing and accounting purposes;

  • comply with any applicable law or court order, or the requirements of a regulatory authority (e.g., a personal data protection authority);

  • to establish and maintain customer mailing lists;

  • to meet our insurance requirements;

  • to protect the rights or safety of us or third parties, including to enforce our agreements with you;

  • to carry out any other purpose to which you consent; and

  • as permitted by, and to comply with, legal requirements.​


Our Legal Basis for Processing Your Personal Data

The Personal Data we process may be necessary:

  • for entry into, or performance of any agreements with you. This applies to the majority of the processing described in this privacy statement;

  • to comply with legal and regulatory obligations (e.g., accounting and record keeping);

  • for the legitimate interest of us or others, where these are not overridden by your interests or fundamental rights and freedoms.


​In limited circumstances, where the legal bases for processing set out above do not apply, we may process your Personal Data with your consent. If we are relying on your consent to process your Personal Data, you have the right to withdraw your consent at any time.

When and How We Share Your Personal Data with Others

We may share your personal data with third parties where required by law, where it is necessary to perform our agreement with you, or where we have a legitimate interest in doing so. Such third parties may include:

  • regulatory authorities;

  • our advisors, such as accountants and lawyers;

  • insurers;

  • our processors to whom we outsource certain services, such as computer back-up or website or email hosting services;

  • postal services providers;

  • any party as needed in connection with legal proceedings or as required by law;



We may hire processors to host our website and to carry out specific processing activities on behalf of Blue Gate. You hereby authorize Blue Gate to appoint processors (and permit each processor appointed to appoint sub-processors), provided that Blue Gate remains liable for the acts and omissions of its processors to the same extent Blue Gate would be liable if performing the services of each processor directly.

Data Security

We have implemented and will maintain appropriate technical, physical, and organizational measures to protect Personal Data from misuse or accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, acquisition or access during the processing.


Personal Data Breach Notification

If Blue Gate becomes aware of a personal data breach within the meaning of the GDPR, we will promptly (a) notify Customer of the personal data breach, (b) gather and provide Customer with information about the personal data breach, which must include, at a minimum, the information specified in Article 33(3) of the GDPR, and (c) take reasonable steps to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.


Data Deletion

Upon Customer’s request, we will, at the choice of Customer, return all the Personal Data and copies of such data to Customer or delete them and will certify to Customer that it has done so, unless EU or Bulgarian law requires storage of the Personal Data.


Your Privacy Rights 

Under certain circumstances, by law you have the right to:

  • request a copy of your Personal Data;

  • correct any inaccurate or incomplete Personal Data we hold about you;

  • request that we erase your Personal Data;

  • request that we restrict the processing of your Personal Data;

  • have your Personal Data transferred to another party;

  • object to certain types of processing of your Personal Data by us;

  • withdraw your consent; and

  • the right to file a complaint with the supervisory authority.


How to Contact Us

If you have any questions, concerns, or a complaint regarding the processing of your personal data, please contact us at


Filing a Complaint

If you have any concerns regarding the treatment of your privacy, you may report it directly to the relevant supervisory authority. You may contact the Bulgarian Personal Data Protection Commission at the following address: 2 Prof. Tzvetan Lazarov St., Sofia 1592, email:

bottom of page