Privacy policy for Hotel Arctic – Guests
[Applicable from 15 April 2019]
Data liability of Hotel Arctic
Hotel Arctic registers and processes the personal data of guests when said data is relevant to the further processing by Hotel Arctic. Due to administrative and security considerations, it is important that the data is always correct and up to date.
General for the data processing is that personal data is solely processed for specific purposes and based on legitimate interests. Personal data is only processed where this is relevant and necessary to fulfil these purposes and the data is erased when it is no longer required.
Contact details of the data controller
The Manager is the Hotel Arctic data controller and must ensure that personal data is processed in accordance with the legislation applicable at any given time.
Contact details:
Contact person: Morten Nielsen
Address: Lufthavnsvejen B-1128, 3952 Ilulissat
CVR No: 1023201433
Telephone No: +299 944153
Email: reception@hotel-arctic.gl
Website: www.hotelarctic.com
Processing of personal data
We process the following personal data on our guests/customers:
- Personal data:
- General personal data:
- Registration and contact information such as name, address, telephone number, email address or similar information which may identify a natural person, either directly or indirectly.
- Personal data under a greater degree of protection:
- No personal data under a greater degree of protection will be processed.
This is where we collect the data
Normally, we acquire the data directly from you. In certain cases, Hotel Arctic will collect and process personal data received from third parties, e.g. a travel agency. In such cases, the third party in question is obliged to inform the guests/customers in question of the terms and conditions of Hotel Arctic as well as of the privacy policy of Hotel Arctic. It is the responsibility of said third party to ensure that the required legal authority for the collection and processing of said personal data exists, to include obtaining any consent required to the processing of sensitive information, if relevant.
The purposes of Hotels Arctic for the processing of your personal data
We process your personal data for specific purposes when there is a legal authority to do so.
Legal authority for processing includes specifically:
- The legitimate interest of Hotel Arctic to process your personal data (the balancing of interests principle)
- That it is necessary to fulfil a contact with you
- Processing required by law
- Processing based on consent
The purposes:
- Our purposes for processing:
- Supplying goods and services ordered by you
- Managing your relationship with us
- Invoicing goods and services supplied to you.
We only process personal data based on legitimate interests
To the extent that we process your personal data based on a balancing of interests, this processing will solely be motivated by legitimate interests such as:
- That we may complete a booking and/or supply the services you order from us, i.e. the fulfilment of a contract with you.
Consent
Usually, our processing of your personal data will be based on a legal authority other than consent. We therefore only obtain your consent in those rare instances where this is necessary to process your personal data for the purposes described above.
If we seek to obtain your consent, you are free to give this and you may withdraw your consent at any time by providing us with notice to this effect.
Disclosing your personal data
Hotel Arctic uses a hosted version of the hotel system Picasso for managing bookings and other services provided to guests of the hotel and other customers, generally. An appropriate data processing agreement has been entered into with AK Techhotel A/S relating to the processing of the necessary personal data. However, the data processor may only access and process your personal data on behalf of Hotel Arctic in order to fulfil the specific purposes determined by Hotel Arctic and is, therefore, not permitted to use your personal data for its own purposes.
In connection with regulatory processing, your personal data may be disclosed to the relevant authorities.
We do not disclose personal data to third parties/companies for marketing purposes without obtaining your consent.
To the extent that your personal data is transferred to third countries, Hotel Arctic will ensure an adequate level of protection of such a transfer by applying the standard clauses of the EU Commission to a contract with the recipient of said personal data or will use recipient which are subject to specific certification mechanisms such as the EU-US Privacy Shield. If you have questions relating to the legal authority for any transfer to third countries, you may contact us by using the contact details set out above.
Storing and erasure of your personal data
We will store your personal data for as long as this is required to serve the purposes described above. Personal data included in our accounting records and system is stored for a period of five (5) years from the end of the current financial year.
Your rights
You have a number of rights according to the General Data Protection Regulation when we process your personal data:
- The right to be informed of your personal data being processed
- The right to access your personal data
- The right to rectify your personal data
- The right to erasure
- The right to limit processing
- The right to data portability (receiving your data in a generally used format)
- The right to object
You may exercise your rights, including objecting to our processing of your personal data by contacting us. You find our contact details above.
If, by way of example, you contact us to request having your personal data rectified or erased, we will investigate whether the conditions for this are met and, if so, we make the changes or erase the data as soon as possible.
You may always file a complaint with the Danish Data Protection Agency/Datatilsynet.
Revisions to this privacy policy
We reserve the right to change this privacy policy from time to time. When changes are made, the date at the top of the privacy policy will change. The privacy policy applicable at any time will be available on our website.