Personal data policy for the processing of;
Website users, guest, customer and supplier information
Grand Hotel Struer, CVR no. 30 04 46 22
Grand Hotel Struer is the data controller.
Østergade 24 7600 Struer; firstname.lastname@example.org
Grand Hotel Struer handles all personal information in accordance with applicable personal data legislation. Grand Hotel Struer enters into agreements with guests, customers and suppliers regarding the delivery – purchase and sale – of various services and products.
When a guest/customer orders and purchases one or more of Grand Hotel Struer’s services, and as part of this submits his/her personal data to Grand Hotel Struer, the guest/customer at the same time gives his/her consent to the personal data of the guest/customer/supplier being processed by Grand Hotel Struer .
The same applies with regard to any personal data that suppliers to Grand Hotel Struer provide to Grand Hotel Struer in connection with making offers or entering into agreements with Grand Hotel Struer.
Grand Hotel Struer collection of personal data
Personal information is collected by Grand Hotel Struer in the following way:
When a guest/customer – or a representative thereof – chooses to obtain an offer for and/or purchase one of Grand Hotel Struer’s services/products, or when a supplier makes an offer or sells products or services to Grand Hotel Struer.
- From B2B market.
- Through browser cookies and web beacons.
- In connection with the use of Grand Hotel Struer’s digital services.
- By participating in Grand Hotel Struer customer/loyalty programs and by subscribing to Grand Hotel Struer’s newsletter.
- From social media, advertising and analytics providers and public records.
- Via video and TV surveillance.
- When suppliers enter into agreements with Grand Hotel Struer or make offers to Grand Hotel Struer.
Collection and processing of personal data, cf. above, will always take place in accordance with applicable personal data legislation.
Video surveillance there, which is set up at our entrances/exits, at checkout operations and at particularly valuable inventory, takes place as part of crime prevention and also functions as a safety-creating measure for employees and guests.
Information collected by Grand Hotel Struer
Grand Hotel Struer collects the following personal data:
- Name, address, telephone number, e-mail address, date of birth and other general non-personally sensitive information.
- Payment card details – typically as a guarantee for a reservation and for payment of a stay.
- Demographic information.
- Purchase history including the use of Grand Hotel Struer apps and/or other digital services.
- The use of Grand Hotel Struer’s customer/loyalty programs.
- Information from Grand Hotel Struer’s customer surveys.
- Information from any competitions held
- Information from Grand Hotel Struer’s social media and other digital platforms belonging to Grand Hotel Struer.
- Browser information.
- Information about the guest/customer’s company and relevant contact persons.
- Information about suppliers’ business as well as information about relevant contact persons and key persons, including key accounts.
A guest/customer/supplier may voluntarily and at his own choice provide Grand Hotel Struer with additional personal data that he believes may be of importance to Grand Hotel Struer’s operation/service of the guest/customer/supplier, or that the person in question believes should be provided for security reasons regards.
This can e.g. be information about:
- Special food preferences
- Other health or medication information
If a guest/customer/supplier chooses to provide such information voluntarily and by choice, Grand Hotel Struer perceives this as consent to be able to record and store this sensitive information about the person concerned.
In addition to the information that Grand Hotel Struer receives directly from guests/customers/suppliers, Grand Hotel Struer will in some cases obtain or process additional information that Grand Hotel Struer has received from third parties, e.g. a travel agency, another intermediary or an employee of the company where the data subject is employed.
Where this is the case, the relevant third party is obliged to inform the relevant guests/customers/suppliers about Grand Hotel Struer’s terms and conditions as well as Grand Hotel Struer’s personal data policy. It is also the responsibility of the third party in question to ensure that there is the necessary legal basis for the collection and processing of the information in question, including obtaining any necessary consent for the processing of any sensitive information.
Payment by credit card
Grand Hotel Struer uses DIBS www.dibs.dk (Nets) to redeem payments with debit and credit cards. DIBS and Grand Hotel Struer are approved and certified by Pengeinstitutternes Betalingssystem (www.pbs.dk).
For orders and bookings, Grand Hotel Struer stores the information provided by the guest/customer/supplier for up to 2 years, after which the information is deleted.
In addition to handling the order, the information provided is only used if a guest/customer/supplier e.g. contact with questions or if there is an error in the order.
What is the purpose of the data collection and processing?
Grand Hotel Struer only collects personal data that is necessary to fulfill the agreements entered into with guests/customers/suppliers regarding the provision of services, e.g. an overnight stay or purchase/sale of products or services. It is the content of the individual agreement/the nature of the service that determines which personal data Grand Hotel Struer collects and processes, and which determines the purpose of the collection.
The purpose of collecting and processing personal data will primarily be:
- Processing of guests/customers’ bookings and purchases of Grand Hotel Struer services.
- Processing suppliers’ offers for and sale of products and services
- Contact the guest/customer before, during or after their stay.
- Fulfillment of the guest’s/customer’s request for an offer or purchase of services.
- Improvement and development of Grand Hotel Struer’s services.
- Adaptation of Grand Hotel Struer marketing and other communications.
- Analysis of guests/customers/suppliers’ user behavior and marketing towards them
- Adaptation of Grand Hotel Struer’s business partners’ communication and marketing to guests/customers/suppliers.
- Administration of guests/customers/suppliers’ relationship with Grand Hotel Struer, including possible participation in Grand Hotel Struer’s customer/loyalty program.
- Fulfillment of legal requirements, e.g. requirement to register overnight guests in accordance with the immigration legislation and the passport order.
Authorization – the legal basis – for the processing
Grand Hotel Struer will most often process personal data because it is necessary to fulfill an agreement with Grand Hotel Struer to which a guest/customer or a supplier is a party. This may, for example, be in connection with hotel stays, meeting arrangements and/or handling and fulfillment of cooperation and supplier agreements.
In addition, Grand Hotel Struer will process personal data in connection with booking prior to an overnight stay, handling of meetings, companies, conferences, etc. and prior to entering into supplier agreements.
In some cases, Grand Hotel Struer’s processing of personal data will take place as part of Grand Hotel Struer’s pursuit of a legitimate/objective interest that precedes the interests of the guest/customer/supplier (the data subject).
Such a legitimate interest can, for example, be the preparation of statistics, customer surveys, marketing and analysis of general guest/customer behaviour, which is intended to generally improve the experience at Grand Hotel Struer and the quality of Grand Hotel Struer’s services and products.
If a guest/customer discloses special personal preferences or considerations in connection with their stay/visit at Grand Hotel Struer, including e.g. health information, disability, religious beliefs or the like, Grand Hotel Struer only uses the information to ensure that the guest’s/customer’s personal preferences, health etc. are taken into account.
In some situations, Grand Hotel Struer receives personal data from third parties, e.g. a travel agency, an agent or the like, i.a. in connection with group bookings. When this happens, the relevant third party is required to inform the relevant guests/customers/suppliers of Grand Hotel Struer’s terms and conditions and the content of this personal data policy.
Grand Hotel Struer is additionally according to law, cf. above under section 5, obliged to register various information about overnight guests. This information must be stored for a minimum of one year and a maximum of two years.
The data subject’s rights
According to the rules in the Personal Data Regulation, the registered (customers/guests/suppliers) have different rights.
- A data subject has the right at any time to gain insight into which personal data Grand Hotel Struer processes about the data subject.
- A data subject has the right at any time to have the personal data that Grand Hotel Struer has about the data subject corrected and updated.
- A data subject has the right at any time to have the personal data that Grand Hotel Struer has about the data subject deleted. If a registered user requests deletion, all information that
- Grand Hotel Struer is not legally required to store will be deleted. A deletion of the registered person’s information may in some cases mean that Grand Hotel Struer cannot fulfill any concluded agreements or provide certain services to the data subject.
If some of the information that Grand Hotel Struer has about the data subject has been provided on the basis of the data subject’s consent, the data subject has the right to withdraw consent at any time, which means that the information is deleted or no longer used by Grand Hotel Struer . This does not apply to information that Grand Hotel Struer is legally obliged to store, cf. section above.
The option to withdraw request for deletion etc. may, however, be limited for reasons of the protection of other people’s privacy, trade secrets and intellectual property rights, as well as e.g. for the sake of the possibility of enforcing potential legal claims.
The registered person can at any time ask Grand Hotel Struer in writing to get an overview of and a copy of the personal data about the registered person that Grand Hotel Struer holds.
A written request to this effect must be signed by the registered person and contain his name, address, telephone number, e-mail address.
The data subject can also contact Grand Hotel Struer if the data subject believes that his personal data is being processed in violation of the law or in violation of other legal obligations, e.g. the agreement/contract that the data subject has with Grand Hotel Struer
Written request is sent to Grand Hotel Struer, see contact details above under section 1
Grand Hotel Struer will, as far as possible, within 1 month of receiving the registered person’s written request, send it to the registered person’s postal address.
If the data subject requests correction and/or deletion of his personal data, Grand Hotel Struer will assess whether the conditions for the request are met, and Grand Hotel Struer will, in such case, carry out changes or deletion as soon as possible.
Grand Hotel Struer reserves the right to reject requests which are of the nature of harassing repetition, which require disproportionate technical measures (e.g. development of a new IT system), which affect the protection of the personal data of other data subjects or in other situations where it will be disproportionately resource-intensive or very complicated to accommodate the request.
Security and sharing of personal data
Grand Hotel Struer protects the data subject’s personal data and has established guidelines that protect the data subject’s personal data from unauthorized disclosure and from unauthorized persons gaining access or knowledge of it.
Only the persons/employees at Grand Hotel Struer who, by virtue of their job function, need the personal data of the registered persons, have access to it. Grand Hotel Struer continuously checks that there is no unauthorized access to the personal data of the registered persons.
Grand Hotel Struer continuously backs up the registered personal data. In the event of a security breach, where there is a high risk of misuse of the registered personal data, including e.g. identity theft, financial loss, loss of reputation or other form of abuse, Grand Hotel Struer will notify the data subjects of the security breach as soon as possible.
Grand Hotel Struer security procedures are continuously reassessed and updated in relation to technological developments.
Grand Hotel Struer makes use of a number of external suppliers of IT services, IT systems, payment solutions, etc. Grand Hotel Struer enters into ongoing data processing agreements with all Grand Hotel Struer’s suppliers, whereby it is also ensured in relation to external data processors that these maintain a necessary and high level of protection with regard to the data subjects’ personal data.
In order to be able to fulfill agreements with those registered and to meet the needs of guests and customers, Grand Hotel Struer shares selected personal data with external suppliers such as restaurants, hotels, etc. This happens either by overbooking at the hotels or e.g. at the guest’s request for a restaurant booking.
Grand Hotel Struer also shares and passes on the registered persons’ personal data internally within the group, including to sister companies. The purpose of this sharing is to be able to give the guest/customer the best handling and service, regardless of which hotel or which department in the Grand Hotel Struer group the guest/customer uses.
Grand Hotel Struer is in some cases legally obliged to pass on personal data or obliged to do so as a result of a decision by a public authority.
Grand Hotel Struer deletes your personal data when Grand Hotel Struer’s legal obligation ends or when the purpose for collecting and processing the information is no longer present. As a general rule, financial data is stored for 5 years and other data for 2 years from the last visit.
Complaints about Grand Hotel Struer processing of personal data can be made to the Danish Data Protection Authority, BORGERGADE 28, 5, 1300 KØBENHAVN K, TELEPHONE 3319 3200 – E-MAIL email@example.com
This document will be continuously updated. Last updated: 2/9-2022.