• Home
Luggagelocker

Privacy Policy

 

This Privacy Policy describes how “CaseAway Lockers” Ltd. (LuggageLocker.bg) processes personal data in connection with the locker rental service (hereinafter referred to as the “Service”).

 

Contents

  • Controller and contacts
  • Categories of personal data
  • Legal basis for processing
  • Purposes of processing
  • Data retention periods
  • Recipients and transfers
  • Security measures
  • Your rights
  • Cookies
  • Changes to this Policy

 

1) Controller and contacts

Data Controller: “CaseAway Lockers” Ltd. (LuggageLocker.bg)

Contact email: info@luggagelocker.bg

Optionally add: company registered address, registration number, and Data Protection Officer (if applicable).

 

2) Categories of personal data

  • Operational data: PIN code (pseudonymised identifier), equipment logs (date/time, locker number, statuses), selected service information and payments (without full card details).
  • Payment data: processed by licensed payment service providers/banks; the Provider does not store full card details.
  • Communication data: logs/records of intercom calls and customer support emails/chat sessions.
  • Video surveillance (CCTV): images from the premises and lockers for security and abuse prevention purposes.
  • Technical data: IP address, device/browser identifiers, cookies – see Cookie Policy.

 

3) Legal basis for processing (Art. 6 GDPR)

  • Contractual necessity – to provide the Service (Art. 6(1)(b)).
  • Legal obligation – accounting/tax requirements, assistance to competent authorities (Art. 6(1)(c)).
  • Legitimate interest – security of equipment, fraud/abuse prevention, CCTV, service improvement (Art. 6(1)(f)); we conduct a “balancing of interests” test.
  • Consent – where applicable (e.g., marketing messages, analytics/marketing cookies). Consent can be withdrawn at any time.

 

4) Purposes of processing

  • Providing and administering the Service (identification via PIN, locker access, maintenance).
  • Payment processing and accounting.
  • Security: CCTV, prevention and detection of incidents/abuse.
  • Customer service and dispute resolution.
  • Improving the functionality and reliability of the equipment and website.

 

5) Data retention periods

  • Equipment logs: up to 12 months, unless required for an incident/dispute.
  • CCTV recordings: usually up to 30 days, unless related to an incident (stored until investigation/procedure is completed).
  • Customer support/intercom logs: up to 24 months.
  • Accounting documents: in accordance with applicable law (e.g., up to 10 years).
  • Cookies and web logs: in line with the terms described in the Cookie Policy.

 

6) Recipients and data transfers

  • Processors: payment providers, acquiring banks, IT/hosting partners, maintenance and support providers – they process data under contract and our instructions.
  • Public authorities: when required by law or with a valid request.
  • Transfers outside the EEA: only where appropriate safeguards are in place (e.g., Standard Contractual Clauses), with additional protection measures where necessary.

 

7) Security measures

We apply technical and organizational measures as required by Art. 32 GDPR, including access controls, encryption in transit, backups, logging, the principle of data minimization, and staff training. Access is restricted to staff/processors who have a legitimate business need.

 

8) Your rights

You have the right to:

  • Access your personal data and receive a copy;
  • Rectification of inaccurate/incomplete data;
  • Erasure (“right to be forgotten”) under the conditions of Art. 17 GDPR;
  • Restriction of processing;
  • Data portability (where applicable);
  • Object to processing based on legitimate interest (including CCTV, in specific circumstances);
  • Withdraw consent at any time (where processing is based on consent).

 

How to exercise your rights

Send a request to info@luggagelocker.bg. To prevent misuse, we may require verification of identity (e.g., via booking email or PIN code). We respond without undue delay, usually within one month.

 

Complaints

You have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection, or with the supervisory authority of your country of residence in the EU/EEA.

 

Automated decision-making

We do not take decisions based solely on automated processing that produce legal effects for users.

 

CCTV notice

Premises with equipment are clearly marked. Processing is necessary for security and abuse prevention. Retention periods and legal bases are described above.

 

9) Cookies

Our website uses cookies for basic functionality (strictly necessary) and – only with your consent – for statistics and/or marketing. Details on cookie types, retention periods and management options are described in our separate Cookie Policy. You can change your preferences at any time through the cookie banner/settings.

 

10) Changes to this Policy

We reserve the right to update this Privacy Policy when changes occur in our operations, legislation, or technology. The latest version is always available on this page and applies from the date indicated above.

Privacy contact: info@luggagelocker.bg

*This document is provided for transparency and should be reviewed according to specific processes/retention periods and by a legal advisor or DPO.

 

Last updated: 02 October 2025

Luggagelocker

Home    Terms and Conditions    Privacy Policy    Cookie Policy

© Copyright 2025 CaseAway Lockers, LuggageStorage.BG.