We treat ones personal information in accordance with the Norwegian law of personal information, called GDPR throughout this policy.
2. Responsibility for ones Personal information
Dr. Holms Hotel AS
Org. no. 979 306 369
Timrehaugvegen 2, 3580 Geilo
Tlf. +47 32 09 57 00
Our company is responsible for the treatments of ones personal information in our systems regarding bookings, invoicing, online web-sites, ones account on our website and hotel operations. When one books, stays or pay at our hotel, Dr. Holms Hotel is the one responsible for personal information.
3. Treatment of personal information connected to bookings and stays
In connection with reservations made by the individual or on behalf of someone else, we procure and treat the personal information needed to complete ones reservation or provide the service one has bought. This is information one has given us directly or through a travel agency/agent. We treat information about ones identity, contact information and payment information. In some cases we require to save ones passport number. In addition we treat other information given to us that has relevance for ones stay at our hotel or our provided service. This could be information about allergies or specific needs and wishes for ones accommodation. We register all payments and reservations one makes at our hotel in order to be able to provide the service and in order to charge for it.
We treat this information as long as necessary to fulfill the contract of accommodation or service for the individual. In addition we keep it as long as GDPR requires us to keep it.
Dr. Holms Hotel also reserve the right to register all usage of keycards at our hotel, this to prevent and help resolve any criminal activity conducted on our property. We store all Card activity logs for 14 days.
4. Treatment of personal information for marketing purposes
In case one applies for our news letters and offers, we store and use ones e-mail address to send news and offers from us. We will also use ones e-mail address or phone number to send news and offers according to the rules of existing customer relations, our basis is the Norwegian marketing Law.
We will contact one on social media in case of ones consent or in case of existing customer relations. In using social media as a channel of communications we require to use ones e-mail address or phone number in accordance to the social media. Our basis for this is consent or legitimate interest from the individual.
One can at any time withdraw the consent given to Dr. Holms Hotel.
One may also reserve the right not to receive marketing in existing customer relationship; this can be done by sending an e-mail to email@example.com
5. Treatment of personal information for development, safety and troubleshooting.
We will treat data that includes personal information to troubleshoot and correct information, improve our services and the technology we use in order to analyze usage and user behavior. We will also use ones personal information in order to verify ones identity.
6. Other treatment of personal information
If one attends a competition or other event held by Dr. Holms Hotel, we will store personal information such as name and contact information in case of necessity, for example when registering attendance and selecting one or more winners. We will inform all attending in competitions or other activities about our policy to the best of our ability.
In case you contact our customer service or in any other way contact us with inquiries, we will treat the personal information one has given us as we deem necessary in order to answer and log ones inquiries. We also keep a list over news letters and offers we send whether or not these are opened. The basis for this is legitimate interest or in order to fulfill contract with the individual or in order to answer ones inquiries. The legitimate interest is to practice good customer care and send news letters and offers accordingly.
In addition to treatment of personal information declared in this policy or based on ones consent, we will in some cases have to or be able to treat personal information according to GDPR whenever authorities or judges demands or allows us this.
7. Treatment of personal information regarding our suppliers, business customers and contacts in the business
We treat information regarding contacts at our suppliers, business customers, collaborators, attenders at our events towards the business and other individuals acting within the business. This is done in order to work effectively, enter into- or exit out of contracts, recruit, run and evolve our business and our professional network. The information is with some exception; name, contact information, position, business, competence, interests within the business and attendance at our events for the business or previously neglected interest for us and our employees.
We store such information as long as we deem the individual as a business contact for us. The basis for this is legitimate interest.
8. Providing of personal information and statutory treatment
We do not provide ones personal information to a third party, unless consent has been given by the individual or by GDPR, authorities or judges demands or allows this. For the sake of order we would like to inform that our usage of data analysis to treat information on our behalf does not count as providing.
9. Procurement of personal information from others
In order to make sure we have the correct information about the individual we may compare ones information with other sources such as phone catalog, citizen registration and other sources. In some cases it’s necessary to credit check our customers, which means procurement of credit-data from other parties. We procure demographical information such as age, sex and language from other sources. We procure information from our collaborators and other departments of our concern when this is deemed necessary for the delivery of services and communication towards the individual.
10. Ones rights
The individual has many rights provided by GDPR, one has the right to demand insight, correction or removal of the personal information we have about one self. One also has the right to demand limited treatment, correct opposition and demand the right to data portability. In case one wishes for insight into our treatment or ones personal information, one may contact us at firstname.lastname@example.org and we will answer the inquiries as soon as possible. We will ask one to confirm ones identity before we may allow one to use their rights. This is done in order to ensure that one only has access to ones own information, and not someone pretending to be someone else.
11. Complaint regarding personal information
12. Usage of data treatment
We use a number of data treatment engines in order to deliver our services towards the individual, our largest data treatment engine is our booking system, Protel and our channel manager BookVisit
13. Changes in GDPR or in the treatment