Privacy policy
I. INTRODUCTION
Welcome to www.icebergskibansko.com/ ("Website" or "Website"), which is made for the benefit and by order of "ICEBERG MI" Ltd., with UIC: 206664615, with registered office and address: Bansko, 1 Knyaz Boris Str., Contact phone: 00359 895 700 670.
BY USING THIS WEBSITE, YOU AGREE TO THE TERMS AND CONDITIONS REGARDING THE COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA IN THE FACILITIES.
PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THIS WEB SITE AND IF YOU HAVE QUESTIONS ABOUT THIS PRIVACY POLICY, please contact us on 00359 895 700 670 OR ICEBERGBANSKO@GMAIL.COM. IF YOU DO NOT AGREE TO ANY OF THE TERMS CONTAINED IN THIS PRIVACY POLICY, YOU SHOULD NOT USE THIS WEBSITE.
PERSONAL DATA ADMINISTRATOR
ICEBERG MI Ltd. (hereinafter referred to as "Administrator") is a Limited Liability Company, with UIC: 206664615, with registered office and address of management: Bansko, 1 Knyaz Boris Str., Telephone for contacts: 00359 895 700 670 and website: www.icebergskibansko.com.
SUPERVISOR:
Commission for Personal Data Protection
Address: Sofia, p.k. 1592, bul. „Prof. Tsvetan Lazarov ”2
Contact details: 02/915 35 18; 02/915 35 15; 02/915 35 19; kzld@cpdp.bg, www.cpdp.bg
II. OBJECTIVES AND SCOPE OF THE PRIVACY POLICY
1.1 The controller understands the views of visitors to this website on the protection of personal data and is committed to protecting their personal data by applying all standards for personal data protection according to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC. With this Privacy Policy, the Administrator respects privacy
of the personal data of individuals and makes all necessary efforts to protect the personal data of individuals against unauthorized processing through the application of technical and organizational measures for personal data protection, which measures are fully consistent with modern technological advances and provide a level of protection corresponds to the risks associated with the processing and the nature of the data to be protected.
1.2 With this Privacy Policy and in compliance with the requirements of Regulation (EU) 2016/679, the Provider provides information on:
- the objectives and scope of the privacy policy;
- personal data collected and processed by the provider;
- the purposes of the processing of personal data;
- period of storage of personal data;
- mandatory and voluntary nature of the provision of personal data;
- processing of personal data;
- protection of personal data;
- the recipients or categories of recipients to whom the data may be disclosed;
- rights of individuals;
- procedure for exercising the rights;
- right to object;
- buttons, tools and content from other companies;
- changes to the privacy policy.
III. DEFINITIONS
2.1 For the purposes of Regulation (EU) 2016/679 and this policy, those terms have the following meanings:
Personal data means any information relating to an identified natural person or an identifiable natural person ("data subject"); an identifiable natural person is an identifiable person, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or one or more features specific to the natural, the physiological, genetic, mental, intellectual, economic, cultural or social identity of that individual.
Processing of personal data means any operation or set of operations carried out with personal data or a set of personal data by automatic or other means such as collecting, recording, organizing, structuring, storing, adapting or modifying, retrieving, consulting, using, disclosing by transmission , disseminating or otherwise making the data accessible, arranging or combining, restricting, deleting or destroying it.
Restriction of processing means marking stored personal data in order to limit their processing in the future.
Profiling means any form of automated processing of personal data, in the form of the use of personal data for the assessment of certain personal aspects relating to an individual, and in particular for the analysis or forecasting of aspects relating to the performance of professional duties. an individual, his economic condition, health, personal preferences, interests, reliability, behavior, location or movement.
Administrator means a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller or the specific criteria for determining it may be laid down in Union law or in the law of a Member State.
Processor of personal data means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or any other body to which personal data are disclosed, whether a third party or not. At the same time, public authorities which may receive personal data in the context of a specific investigation in accordance with Union law or the law of a Member State shall not be considered as "recipients"; the processing of such data by those public authorities complies with the applicable data protection rules in accordance with the purposes of the processing.
Third party means a natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor and the persons who, under the direct supervision of the controller or the processor, have the right to process personal data.
Consent of the data subject means any freely expressed, specific, informed and unambiguous indication of the data subject's will, by means of a statement or clearly confirmatory action expressing his or her consent to the processing of personal data relating to him or her.
Violation of the security of personal data means a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data that is transmitted, stored or otherwise processed.
IV. PRINCIPLES IN THE PROCESSING OF PERSONAL DATA
3.1 The controller follows the following principles when processing personal data of individuals, namely:
Personal data are processed lawfully, in good faith and in a transparent manner with regard to the data subject ("lawfulness, good faith and transparency");
Personal data is collected for specific, explicit and legitimate purposes and is not further processed in a way incompatible with those purposes;
Personal data are relevant, relevant and limited to what is necessary for the purposes for which they are processed ("minimizing data");
Personal data is accurate and, if necessary, kept up to date ("accuracy");
Personal data are stored in a form that allows the identification of the data subject for a period not longer than necessary for the purposes for which the personal data are processed ("storage restriction");
Personal data are processed in a way that ensures an appropriate level of security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or organizational measures ("integrity and confidentiality").
V. PERSONAL DATA COLLECTED AND PROCESSED BY THE ADMINISTRATOR
A. Processing of special categories of personal data ("sensitive data")
4.1 The controller does not collect or process special categories of personal data, such as: personal data revealing racial or ethnic origin, political views, religious or philosophical beliefs or trade union membership, genetic data, biometric data for the sole purpose of identifying an individual , data on the state of health or data on the sexual life or sexual orientation of the natural person. Individuals must not provide such sensitive data to the Administrator. In the event that the individual intentionally provides sensitive data to the Administrator, the Administrator undertakes to delete them immediately.
B. Personal data collected directly from individuals
Personal data collected directly from individuals when individuals contact the Administrator by telephone
5.1 Individuals provide personal data to the Administrator when they contact the Administrator by phone. The telephone number for contact with the Administrator is indicated in the identification data of the Administrator in this Privacy Policy and in the menu "Contacts", where the contact details with the Administrator are provided. When the person contacts the Administrator by phone, the Administrator collects and processes only the name and telephone number of the individual, and in some cases the e-mail address and the address of residence of the individual. This data is processed for the purposes of communication with the individual. The processing of this personal data is necessary:
- for the realization of the legitimate interests of the Administrator, which legitimate interests are answering the received calls and sending e-mails in connection with inquiries received by phone.
- for actions prior to the conclusion of a contract and taken at the request of the natural person, namely providing more information on the services offered by the Administrator in connection with the possible conclusion of a contract with the natural person.
The administrator uses the services of a telephone service provider, which provider is located in the Republic of Bulgaria.
Personal data collected directly from individuals when individuals contact the Administrator through the contact form on the site to contact the Administrator
5.2 Individuals provide personal data to the Administrator when they contact the Administrator by sending a message using the contact form on the site of the Administrator, located at: http://www.icebergskibansko.com/kontakti/. When the person sends a message to the Administrator using the contact form to make contact, the Administrator collects and processes the name of the individual, e-mail address, telephone number, which does not have to be filled in and other information provided by the person in the sent message, such as address and or names. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary:
- for realization of the legitimate interests of the Administrator, which legitimate interests are sending a reply to the received messages, as well as saving the received messages.
- for actions prior to the conclusion of a contract and taken at the request of the natural person, namely providing more information on the services offered by the Administrator in connection with the possible conclusion of a contract with the natural person.
The administrator uses the services of an e-mail service provider to store the received emails on a server of the provider, which server is located in the Republic of Bulgaria.
Personal data collected directly from individuals when individuals contact the Administrator by e-mail
5.3 Individuals provide personal data to the Administrator when they contact the Administrator by e-mail. The Administrator's e-mail address is specified in the Administrator's identification data in this Privacy Policy and in the "Contacts" menu, where the contact details of the Administrator are provided. When the person sends an email to the Administrator, the Administrator collects and processes the e-mail address, as well as other information that the person provides in the sent e-mail, such as name, telephone number, address. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary:
- for realization of the legitimate interests of the Administrator, which legitimate interests are sending a reply to the received messages, as well as saving the received messages.
- for actions prior to the conclusion of a contract and taken at the request of the natural person, namely providing more information on the services offered by the Administrator in connection with the possible conclusion of a contract with the natural person.
The administrator uses the services of an e-mail service provider to store the received emails on a server of the provider, which server is located in the Republic of Bulgaria.
Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the Facebook platform
5.4 Individuals provide personal data to the Administrator when they contact the Administrator by sending a message using the Facebook platform through the Facebook messaging service, accessible through the administrator's Facebook page. When the person sends a message to the Administrator by using the Facebook platform through the Facebook messaging service, the Administrator collects and processes the name of the individual as well as other information that the person provides in the sent message. This data is processed for the purposes of communication with the individual and record keeping. The processing of these personal data is necessary for the realization of the legitimate interests of the Administrator, which legitimate interests are sending a response to the received messages, as well as saving the received messages. The administrator uses the services of Facebook, an independent service provider located in the United States, to receive messages through the Facebook platform. This means that the personal data provided will be stored on Facebook's servers in the United States. Appropriate data should be provided for the transfer of this personal data outside the European Economic Area
guarantees according to Article 46 of Regulation (EU) 2016/679. Facebook certifies that it adheres to the principles of "Data Protection in EU-US Relations". Facebook has its own Privacy Policy and individuals are advised to read it to get more information. Facebook's privacy policy is posted at: https://www.facebook.com/policy.php
Personal data collected directly from individuals when individuals make a reservation on the website
5.5 Individuals provide personal data to the Administrator when making a reservation on the website of the Administrator. When making a reservation, the individual provides the following personal data, which the Administrator collects and processes, namely: name and surname of the individual, e-mail address and telephone number. The collection and processing of this personal data is necessary: - to realize the legitimate interests of the Administrator, which legitimate interests are to enable the individual to make a reservation on the website of the Administrator in order to maintain the services preferred by the individual and to purchase services preferred by the individual; - with a view to concluding or executing a contract for the purchase of a service. The data of the individuals are stored on a server of a hosting service provider, which provider is registered in the Republic of Bulgaria.
5.6 Individuals provide their e-mail address when they wish to subscribe to receive a newsletter. When the person subscribes to receive newsletters containing publications and useful information about the goods offered by the Administrator, promotional offers and the like, the Administrator collects and processes the e-mail address of the individual. This data is processed for the purpose of sending ballots to the person. The reason for processing this personal data is the explicit consent of the individual.
C. Personal data of individuals provided by third parties
6.1 The administrator does not normally receive personal data about individuals from third parties. However, in some cases, if the Administrator has reasonable grounds to suspect that an individual is infringing intellectual property rights and other similar cases, then the Administrator has the right to obtain personal data of the suspect from public registers, such as: Commercial register, the register of registered trademarks kept by the Patent Office of the Republic of Bulgaria and the like. This data may be collected and processed for the purpose of bringing an infringement action against the infringer. The processing of personal data collected from a public register is necessary for the purposes of the legitimate interests of the Administrator, which legitimate interests are filing a claim for a violation against the infringer, as well as on a legal basis.
D. Data collected automatically
7.1 When visiting the website, the Administrator automatically collects the following data, namely:
Internet Protocol (IP) address of the device from which the individual accesses the platform (usually used to determine the country or city from which the individual accesses the platform);
Type of device from which the individual accesses the platform (eg computer, mobile phone, tablet, etc.);
Type of operating system;
Browser type;
The specific actions that the individual takes, including the pages visited, the frequency and duration of visits to the website;
Date and time of visits.
VI. COOKIES
8.1 Individuals can obtain more information on how the Administrator uses cookies by reading the Cookie Policy of: www.icebergskibansko.com
VII. PURPOSES FOR WHICH PERSONAL DATA IS PROCESSED
9.1 The controller collects and processes the personal data of the natural persons, which are provided directly by them only for the following purposes, namely:
in order to provide services offered by the Administrator, namely the sale of services and identification of individuals (future and current customers);
to make contact with the individual by e-mail so that the Administrator can respond to the request received from the individual;
for fulfillment of obligations under a contract to which the natural person to whom the data relate is a party, as well as for actions prior to the conclusion of a contract and taken at his request;
for fulfillment of a normatively established obligation of the Personal Data Administrator, in accordance with the applicable law;
for sending the goods purchased by the individual;
for sending information bulletins, which contain information about received new packages, discounts, etc. Newsletters are sent only after the administrator has obtained the explicit consent of the individual;
accounting purposes;
statistical purposes.
9.2 The controller collects and processes the personal data of individuals, which are automatically collected for the following purposes, namely:
- improving the efficiency and functionality of the website;
- production of anonymous statistics on the way in which the website has been used.
9.3 The controller is not allowed to use the personal data of individuals for purposes other than the purposes specified in this section of this Privacy Policy.
VIII. PERIOD OF STORAGE OF PERSONAL DATA
10.1 Inquiries and correspondence by e-mail, Facebook: The administrator stores personal data and received messages by e-mail and Facebook for a period necessary to respond to the received message and to satisfy the request of the individual, as well as for a period of one year after The administrator has responded to the received message.
10.2 Personal data of persons who have purchased a service: The Administrator stores the personal data of the persons who have purchased goods from the Administrator for a period of ten years, which is the legally established period for storage of customer invoices.
10.3 Personal data of persons who have subscribed to receive a newsletter: The administrator stores the personal data of persons who have subscribed to receive a newsletter until the person unsubscribes from the option to receive a newsletter or until the service is terminated by the administrator.
B. Criteria for determining the period for which personal data will be stored
10.3 In other cases not specified above, the Administrator will store the personal data of the individual for no more than necessary, taking into account the following criteria, namely: - whether the Administrator undertakes to comply with a legal obligation to continue the processing of the personal data of the natural person; - the purpose of storing personal data both now and in the future; - whether a contract has been concluded between the Administrator and the natural person and the Administrator is obliged to continue processing the personal data in order to fulfill the obligations under the contract; - goals for the use of personal data now and in the future; - whether it is necessary to make contact with the individual in the future; - whether the Administrator has a legal basis to continue processing the personal data of the individual; - any other valid reasons, such as the nature of the relationship with the individual.
IX. MANDATORY AND VOLUNTARY NATURE OF PROVIDING PERSONAL DATA
11.1 The personal data required to be provided by individuals are in accordance with the services offered by the Administrator and are mandatory. The provision of personal data by individuals is voluntary. In case the provision of personal data is refused:
- The administrator will not be able to provide the desired service by the individual;
- The administrator will not be able to receive the email from the user if the user does not fill in the necessary information in the contact form;
- The individual will not be able to make a reservation on the site.
X. PROCESSING OF PERSONAL DATA
12.1 The controller processes the personal data of individuals through a set of actions that can be performed by automatic or non-automatic means.
12.2 The Administrator processes the personal data of the natural persons independently or by assigning a data processor on behalf of the Administrator, who is the accountant of the company, which is based in the Republic of Bulgaria.
XI. PROTECTION OF PERSONAL DATA
13.1 The controller shall take the necessary technical and organizational measures to protect personal data from accidental or unlawful destruction, or accidental loss, from unauthorized access, alteration or dissemination, and from other unlawful forms of processing, namely:
- all personal information that the individual provides to the Administrator is stored on secure and reliable servers and folders;
- when exercising the right of access by the natural person, the Administrator verifies the identity of the natural person before providing him with the requested information.
13.2 Comprehensive information on the technical and organizational measures taken by the administrator is available in the Instruction on the mechanism of personal data processing and their protection in the maintained registers containing personal data with the Administrator. In case you want to receive detailed information about the technical and organizational measures, please do not hesitate to contact us at 00359 895 700 670 or at icebergbansko@gmail.com.
XII. RECIPIENTS TO WHOM PERSONAL DATA CAN BE DISCLOSED
14.1 The controller has the right to disclose the processed personal data to the following categories of persons, namely:
to the natural persons to whom the data relate;
to persons, if provided for in a normative act, for example state bodies (NRA, Patent Office, Commercial Register, etc.);
to persons processing personal data who provide services for the benefit of the business activities of the Provider, such as an accountant of the Administrator and courier organizations, as these persons are bound by a duty of confidentiality, and these persons have provided sufficient guarantees for implementation appropriate technical and organizational measures in such a way that the processing takes place in accordance with the requirements of the Regulation and ensures the protection of the rights of individuals.
14.2 The administrator does not sell personal data provided by the individual to third parties.
XIII. RIGHTS OF INDIVIDUALS
RIGHTS OF INDIVIDUALS
Right of access
15.1 The individual has the right to receive confirmation from the Administrator whether personal data related to him are processed, and if so, to gain access to the data - the relevant categories of personal data.
Right of adjustment
15.2 The individual has the right to request from the Administrator to correct without undue delay the inaccurate personal data related to him. Taking into account the purposes of the processing, the natural person has the right to fill in the incomplete personal data, including by adding a declaration.
Right to be deleted ("right to be forgotten")
15.3 The individual has the right to request from the Administrator the deletion of the personal data related to him without undue delay, and the Administrator has the obligation to delete the personal data without undue delay, when any of the grounds specified in Article 17 of Regulation 2016/679 is applicable.
Right to limit processing
15.4 The natural person has the right to request from the Administrator restriction of the processing, when one of the conditions specified in art. 18 of Regulation 2016/679 is applied. Where a restriction on processing is granted, such data shall be processed, except for their storage, only with the consent of the individual or for the establishment, exercise or protection of legal claims or for the protection of the rights of another individual or for important reasons of public interest. for the Union or a Member State. When the natural person has requested a restriction of processing, the Administrator shall inform him before the lifting of the restriction of processing.
Right to data portability
15.5 The natural person has the right to receive the personal data concerning him and which he has provided to the controller, in a structured, widely used and machine-readable format, when the processing is based on consent in accordance with a contractual obligation and the processing is carried out according to automated way.
Right to object
15.6 The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him. Pursuant to Article 21, paragraph 4 of Regulation 2016/679, the natural person is explicitly notified of the existence of the right to object, which is presented in a clear manner and separately from any other information. To fulfill this obligation, more information on the right to object can be found in the section below entitled "Right to object".
Right to withdraw consent
15.7 The natural person has the right to withdraw the consent given by him at any time. Withdrawal of consent shall not affect the lawfulness of the processing based on a consent prior to its withdrawal. The individual may withdraw his consent in accordance with the procedure specified in Section XIV of this Privacy Policy.
Profiling rights
15.8 The individual has the right not to be the subject of a decision based solely on automated processing, including profiling, which has legal consequences for the data subject or similarly affects him significantly.
Right to be notified of a breach of personal data security
15.9 Where the breach of personal data security is likely to pose a high risk to the rights and freedoms of individuals, the individual must be notified, without undue delay, of the breach of personal data security.
Right to judicial and administrative protection
Right to lodge a complaint with a supervisory authority
15.10 The natural person has the right to lodge a complaint with a supervisory authority, in particular in the Member State of habitual residence, place of work or place of the alleged infringement, if the natural person considers that the processing of personal data concerning him infringes the provisions of Regulation.
Right to effective judicial protection against a supervisory authority
15.11 Every natural or legal person is entitled to an effective remedy by a supervisory decision which is binding on him. Proceedings against a supervisory authority shall be instituted before the courts of the Member State in which the supervisory authority is established.
Q: Right to effective judicial protection against a controller or processor
15.12 Without prejudice to any available administrative or non-judicial remedies, including the right to lodge a complaint with a supervisory authority, a natural person shall have the right to effective judicial protection when he considers that his rights under the Regulation have been infringed as a result of processing of his personal data which is not in accordance with the Regulation. Proceedings against a controller or processor shall be instituted in the courts of the Member State in which the controller or processor is established.
Right to compensation for damages
15.13 Any person who has suffered material or non-material damages as a result of a violation of the Regulation is entitled to receive compensation from the Administrator or processor for the damages. Legal proceedings in connection with the exercise of the right to compensation shall be instituted before the courts of the Member State in which the controller or processor has its place of establishment.
XIV. PROCEDURE FOR EXERCISE OF RIGHTS
16.1 Individuals exercise their right to withdraw consent, the right of access, the right to delete, correct, the right to restrict processing, the right to data portability, the right to object and the rights of profiling by submitting a written request to the Administrator ( or by mail to the address specified in the Administrator's identification above in this Privacy Policy or by email), which should contain the following information:
name, address and other data for identification of the respective natural person;
description of the request;
signature, date of submission of the request and e-mail address.
16.2 The request is made personally by the natural person. The administrator records the requests submitted by individuals in a separate register.
16.3 After the natural person has exercised his right of access to personal data concerning him, the Administrator shall verify the identity of the natural person before responding to the request. This is necessary to minimize the risk of unauthorized access to data and identity theft. In case the Administrator cannot identify the individual from the collected personal data, then the Administrator has the right to request a copy of documents that identify the individual (such as ID card, driver's license, other documents that contain personal data that may identify the individual).
16.4 The administrator shall review the request and provide the individual with information on the actions taken in connection with the request within one month of receiving the request. If necessary, this period may be extended by a further two months, taking into account the complexity and number of requests.
16.5 The administrator shall inform the natural person of any such extension within one month of receiving the request, indicating the reasons for the delay. Where the individual submits a request by electronic means, the information shall, where possible, be provided by electronic means, unless the person has requested otherwise.
16.6 If the Administrator does not take action on the request of the natural person, the Administrator shall notify the person without delay and at the latest within one month from the receipt of the request of the reasons for not taking action and of the possibility to file a complaint to a supervisory body and seek protection. judicially.
16.7 The controller undertakes to notify any recipient to whom personal data have been disclosed of any correction, erasure or restriction of processing, unless this is impossible or requires a disproportionate effort. The administrator shall inform the individual of these recipients if the person so requests.
XV. RIGHT TO OBJECT
17.1 The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him. Pursuant to Article 21, paragraph 4 of Regulation 2016/679, the natural person is explicitly notified of the existence of the right to object, which is presented in a clear manner and separately from any other information. To fulfill this obligation, more information on the right to object will be provided in this section of this Privacy Policy.
17.2 The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him, in cases where the processing is necessary for the performance of a task of public interest or in the exercise of official powers conferred on the Administrator or the processing is necessary for the legitimate interests of the Administrator or a third party, except where such interests take precedence over the interests or fundamental rights and freedoms of the individual requiring the protection of personal data. -especially when the individual is a child. The controller undertakes to terminate the processing of personal data, unless it proves that there are compelling legal grounds for processing that take precedence over the interests, rights and freedoms of the individual, or for the establishment, exercise or protection of legal claims. Individuals exercise their right to object by submitting a written request to the Administrator by mail to the address specified in the Administrator's identification above in this Privacy Policy or by sending an email.
17.3 When processing personal data for the purposes of direct marketing, the individual has the right at any time to object to the processing of personal data relating to him for this type of marketing, which includes profiling, insofar as it is related to direct marketing. When the individual objects to processing for the purposes of direct marketing, the processing of personal data for these purposes is terminated. Individuals exercise their right to object by submitting a written request to the Administrator by mail to the address specified in the Administrator's identification above in this privacy policy or by sending an email stating that he does not wish to receive advertising messages.
XVI. LINKS, TOOLS AND CONTENT FROM OTHER COMPANIES
18.1 The Website contains buttons, tools or content that link to the services of other companies, such as buttons: "Facebook" button, "Twitter" button, "Instagram" button, "YouTube" button and links to the developer of the Administrator's website . All sites of such companies that can be accessed through this website are independent and the Administrator does not assume any responsibility for damages and losses resulting from the use of these sites. Individuals use these sites at their own risk and it is advisable to familiarize themselves with the relevant Privacy Policy of the company in order to obtain more information.
XVII. CHANGES TO THE PRIVACY POLICY
19.1 This Privacy Policy may be updated at any time in the future. When this happens, the changed policy will be published on this website with a new date "Last change" at the top of this Privacy Policy and will be effective from the date of publication. It is therefore recommended that you periodically review this Privacy Policy to ensure that you are aware of any changes. By using the website after the publication of the updated Privacy Policy, you will be deemed to agree to the changes made.
XVIII. CONTACTS
20.1 If you have any further questions about this Privacy Policy, please do not hesitate to contact us at 00359 895 700 67 or ICEBERGBANSKO@GMAIL.COM.