1 Introduction

We use your personal information in order to fulfill our commitment to providing a personal and unique guest service experience. As part of that undertaking, we are committed to safeguarding the privacy of the personal information that we gather.

As one of our guests, you understand and agree that we collect and use your personal information in accordance with this Personal Information Management Policy for Guests (this “Policy”).

2 The Application of this Policy

This Policy applies to personal information regarding guests and the other individuals with whom we do business or who visit us and to the use of that personal information in any form – whether oral, electronic or written.

References to “The Hotel”, “we” and “our” throughout this Policy, depending upon the context, refer to Helenekilde Badehotel.

“Personal information” means any information collected and logged in a format that allows you to be identified personally, either directly (e.g. name) or indirectly (e.g. telephone number) as a natural person.

This Personal Information Management Policy forms part of the terms and conditions that govern our hotel services. By accepting these terms and conditions, you expressly accept the provisions of this policy.

We take appropriate technical and organizational measures, in accordance with applicable legal provisions, to protect your personal data against illicit or accidental destruction, accidental alteration or loss, and unauthorized access or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.).

3 Types of Personal Information We Collect

The term “personal information” in this Policy refers to information, which does or is capable of identifying you as an individual. The types of personal information that we process include:

  • your name, contact details, business title, date of birth, nationality, and passport number;
  • guest stay information, including your date of arrival and departure, goods and services purchased, special requests made, observations about your service preferences (including room and holiday preferences), and messages received;
  • your credit card details, online user account details, and profile details;
  • any information necessary to fulfill special requests (e.g., specific dietary requests, purchase of goods and services, anniversary dates etc.);
  • information collected through the use of closed circuit television systems, card key and other security systems;
  • contact and other relevant details concerning the employees of corporate accounts;
  • in limited cases, information relating to the credit of customers.

We do not deliberately collect sensitive information, such as information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a guest’s sex life or sexual orientation.

4 How We Collect Personal Information

We collect information about you in the following ways:

  • when you provide information to us via our website or when you send us emails;
  • when we speak with you on the phone;
  • when we speak to you in person;
  • when you use our websites or applications; or
  • when your image is captured on CCTV at the hotel.

Most of the personal information we process is information that you or someone acting on your behalf knowingly provides to us. However, in some instances, we process personal information that we are able to infer about you based on other information you provide to us or on our interactions with you, or personal information about you that we receive from a third party such as a travel agent.

5 For which purposes are the information used

Subject to the General Data Protection Regulation (GDPR), we may collect and process your personal information in order to:

  • fulfill contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g., travel agents, group travel organizers or your employer) and vendors (e.g., credit card companies);
    provide and charge for the hotel accommodation and other goods and services you purchase;
  • provide you with a better, more personalized level of service;
  • conduct market research, customer satisfaction and quality assurance surveys, direct marketing and sales promotions;
  • respond to requests for information and services;
  • provide for the safety and security of staff, guests and other visitors;
  • administer general record keeping; and
  • meet legal and regulatory requirements.

6 Disclosures of your Personal Information

From time to time, we may disclose your personal information. We always make that disclosure in accordance with the GDPR. Circumstances where we might make such disclosure are in the event of maintenance of our IT-system.

In that circumstance, we disclose information to the following third parties:

Name: Spectra
Purpose: Spectra application maintenance
Personal Information Provided: All database records
Use Period: View only for database maintenance when requested by Helenekilde Badehotel, supervised by a member of Senior Management of Helenekilde Badehotel.

6.1 Legal Requirements

We reserve the right to disclose any personal information we have concerning you if we are compelled to do so by a court of law or requested to do so by a governmental entity or if we determine it is necessary or desirable to comply with the law or to protect or defend our rights or property in accordance with applicable laws. We also reserve the right to retain personal information collected and to process such personal information to comply with accounting, tax rules and regulations and any specific record retention laws.

7 Information We Collect When You Visit Us Online

If you choose to obtain information or do business with us online by visiting www.helenekilde.com , you may wish to know the following:

7.1 You Can Browse Without Revealing Your Identity

You can always visit our websites without revealing who you are or providing any personal information.

7.2 Usage Information

When you visit our websites, we collect usage information (i.e., the Internet Protocol address automatically assigned to your computer each time you browse the Internet, the date and time of your visit, the type of Internet browser you use and the URL of any other website that referred you to our website, and the pages you access and the amount of time you spend on each page), but that information is not linked to you as an individual unless you create a user profile. We use this information to evaluate and improve the features, guest experience and functionality of our websites.

7.3 Cookie Technology

We use “cookie technology” on our websites to allow us to evaluate and improve the functionality of our websites. Cookies by themselves cannot be used to reveal your identity. They identify your browser, but not you, to our servers when you visit our websites.

If you do not want to accept cookies, you can block them by adjusting the settings on your Internet browser. However, if you block them, you will not be able to use all of the features of our websites, including the customization features associated with creating a user profile.

7.4 Security

Because the security of your personal information is important to us, we use Secured Socket Layer (“SSL”) software in order to encrypt the personal information that you provide to us. If your browser is SSL enabled (which most are), your transmission of personal information to us online will be encrypted. You can verify whether your personal information is transmitted using SSL encryption by confirming the symbol of a closed lock or solid key on the bottom bar of your browser window. You can also verify that your personal information will be encrypted using SSL encryption by making sure that the prefix for the web address listed for that page has changed from “http” to “https”. If you do not see the appropriate symbol and the “https” prefix, you should not assume that the personal information that you are being asked to provide will be encrypted prior to transmission.

The personal information we collect from you online is stored by us and/or our service providers on databases protected through a combination of physical and electronic access controls, firewall technology and other reasonable security measures. Nevertheless, such security measures cannot prevent all loss, misuse or alteration of personal information and we are not responsible for any damages or liabilities relating to any such incidents to the fullest extent permitted by law. In the unlikely event of a data breach, we will notify you of any such loss, misuse or alteration of personal information that may affect you, so that you can take the appropriate actions for the due protection of your rights.

7.6 Minors

Our website does not sell products or services for purchase by children and we do not knowingly solicit or collect personal information from children. If you are under the age of 18 (or a minor in the jurisdiction in which you are accessing our websites), you may only use our websites with the involvement of a parent or guardian.

8 Choice

You may always choose which personal information (if any) you wish to provide to us. However, if you choose not to provide certain details, some of your experiences with us may be affected (for example, we cannot take a reservation without a name).

If you provide us with your contact details (e.g., postal address, email address or telephone), we may contact you before your stay to ensure that your stay lives up to your expectations, and, if you choose to opt-in to our newsletter, distribute our newsletter to you. You can always choose whether or not to receive any or all of these communications by contacting us as described in Section 12 below or following the “unsubscribe” instructions contained in the communications.

9 How Long Do We Keep Your Information For?

Helenekilde Badehotel possesses and uses your personal information for 365 days after your stay, as required by Danish law, and destroys without delay such personal information if the purpose of use has been satisfied. The procedure and method for destruction is as follows:

Personal information documented on paper will be shredded or incinerated.

Personal information saved in the form of electronic files will be destroyed by technical means making the records non-reproducible.

10 Updating or Accessing Your Personal Information

You have the right to access, modify and request deletion of personal information held about you. If you want to inquire about any personal information we may have about you, you can do so by sending us a written request by letter or email to the addresses set out in Section 12 below. Please be sure to include your full name, address and telephone number and a copy of a document evidencing your identity (such as an ID card or passport) so we can ascertain your identity and whether we have any personal information regarding you, or in case we need to contact you to obtain any additional information, we may require to make that determination.

Where you make more than one request in quick succession, we may respond to your subsequent request by referring to our earlier response and only identifying any items that have changed materially.

You may always request that we correct, cancel, and/or stop processing personal information that we hold about you. If the personal information is incorrect, or the processing should be stopped, we will delete or correct the personal information.

11 Changes to this Policy

Just as our business changes constantly, this Policy may also change. To assist you, this Policy has an effective date set out at the end of this document.

12 Request for Access to Personal Information/Questions or Complaints

If you have any questions about this Policy, or any concerns or complaints with regard to the administration of the Policy, or if you would like to submit a request (in the manner described in Section 10 above) for access to the personal information that we maintain about you, please contact us by any of the following means:

  • by contacting the hotel by email kontakt@helenekilde.com, ATT: Security & Compliance
  • by mail at Strandvejen 25, 3220 Tisvildeleje, Denmark.

All requests for access to your personal information must be submitted in writing by letter or email. We may respond to your request by letter, email, telephone or any other suitable method.

Effective Date: 01-05-2018