Data liability of Hotel Arctic
Hotel Arctic registers and processes the personal data of guests when said data is relevant to the further processing by Hotel Arctic. Due to administrative and security considerations, it is important that the data is always correct and up to date.
General for the data processing is that personal data is solely processed for specific purposes and based on legitimate interests. Personal data is only processed where this is relevant and necessary to fulfil these purposes and the data is erased when it is no longer required.
Contact details of the data controller
The Manager is the Hotel Arctic data controller and must ensure that personal data is processed in accordance with the legislation applicable at any given time.
Contact details:
Contact person: Morten Nielsen
Address: Lufthavnsvejen B-1128, 3952 Ilulissat
CVR No: 1023201433
Telephone No: +299 944153
Email: reception@hotel-arctic.gl
Website: www.hotelarctic.com
Processing of personal data
We process the following personal data on our guests/customers:
This is where we collect the data
Normally, we acquire the data directly from you. In certain cases, Hotel Arctic will collect and process personal data received from third parties, e.g. a travel agency. In such cases, the third party in question is obliged to inform the guests/customers in question of the terms and conditions of Hotel Arctic as well as of the privacy policy of Hotel Arctic. It is the responsibility of said third party to ensure that the required legal authority for the collection and processing of said personal data exists, to include obtaining any consent required to the processing of sensitive information, if relevant.
The purposes of Hotels Arctic for the processing of your personal data
We process your personal data for specific purposes when there is a legal authority to do so.
Legal authority for processing includes specifically:
The purposes:
We only process personal data based on legitimate interests
To the extent that we process your personal data based on a balancing of interests, this processing will solely be motivated by legitimate interests such as:
Consent
Usually, our processing of your personal data will be based on a legal authority other than consent. We therefore only obtain your consent in those rare instances where this is necessary to process your personal data for the purposes described above.
If we seek to obtain your consent, you are free to give this and you may withdraw your consent at any time by providing us with notice to this effect.
Disclosing your personal data
Hotel Arctic uses a hosted version of the hotel system Picasso for managing bookings and other services provided to guests of the hotel and other customers, generally. An appropriate data processing agreement has been entered into with AK Techhotel A/S relating to the processing of the necessary personal data. However, the data processor may only access and process your personal data on behalf of Hotel Arctic in order to fulfil the specific purposes determined by Hotel Arctic and is, therefore, not permitted to use your personal data for its own purposes.
In connection with regulatory processing, your personal data may be disclosed to the relevant authorities.
We do not disclose personal data to third parties/companies for marketing purposes without obtaining your consent.
To the extent that your personal data is transferred to third countries, Hotel Arctic will ensure an adequate level of protection of such a transfer by applying the standard clauses of the EU Commission to a contract with the recipient of said personal data or will use recipient which are subject to specific certification mechanisms such as the EU-US Privacy Shield. If you have questions relating to the legal authority for any transfer to third countries, you may contact us by using the contact details set out above.
Storing and erasure of your personal data
We will store your personal data for as long as this is required to serve the purposes described above. Personal data included in our accounting records and system is stored for a period of five (5) years from the end of the current financial year.
Your rights
You have a number of rights according to the General Data Protection Regulation when we process your personal data:
You may exercise your rights, including objecting to our processing of your personal data by contacting us. You find our contact details above.
If, by way of example, you contact us to request having your personal data rectified or erased, we will investigate whether the conditions for this are met and, if so, we make the changes or erase the data as soon as possible.
You may always file a complaint with the Danish Data Protection Agency/Datatilsynet.
Revisions to this privacy policy
We reserve the right to change this privacy policy from time to time. When changes are made, the date at the top of the privacy policy will change. The privacy policy applicable at any time will be available on our website.