INFORMATION ON HOW WE PROCESS YOUR PERSONAL DATA.
In accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR), we are pleased to provide you with information about our processing of your personal data.
The information we will provide to you is as follows:
- We are responsible for processing your personal data. – How do you contact us?
- Purpose and legal basis for processing your personal data
- Categories of personal data
- Recipients or categories of recipients
- Transfer of data to recipients in other countries, including international organisations
- Where your personal data originates from
- Storage of your personal data
- Automatic decisions, including profiling
- The right to withdraw consent
- Your rights
- Lodge a complaint with a supervisory authority
Below you will find detailed explanations of how we process your personal data.
If you have questions, you are welcome to contact us.
Glostrup Park Hotel A/S
We are responsible for processing your personal data. – How do you contact us?
Glostrup Park Hotel A/S is the data controller responsible for processing the personal data we receive about you.
Our contact information is below.
Glostrup Park Hotel A/S
CVR No. : 13665397
Phone: 0045 43960038
Purpose and legal basis for processing your personal data
We process your personal data for the following purposes:
- Preparation of offers and related services, including hotel accommodation, restaurant reservations, conferences, etc.
- Manage orders in our restaurant, including any special requests due to allergies or other special conditions.
- Compliance with relevant legislation
- Marketing, including advertising and newsletters.
- Internal administrative processes, including security planning, handling of gift cards, etc.
The legal basis for our processing of your personal data is provided by:
- For the most, data is treated according to the contract (our agreement with you). For example, when we need to complete your reservation.
- For our processing of your data in order to fulfil repeat bookings.
- For our marketing, with explicit consent or if processing is necessary for the purposes of the legitimate interests.
- For processing passport information in accordance with Danish law.
- For our storage of the financial transactions in accordance with Danish law.
- For our processing of personal data for security purposes.
As mentioned above, our processing of your personal data is partly based on the rule in Article 6 (1) of GDPR. The legitimate interests that justify the processing are that we want to give you a good experience when you visit us again, as well as to ensure efficient planning of our operational resources, including rostering. In addition, we process personal data for security purposes, including video surveillance in the signposted areas.
Categories of personal data
We address the following categories of your personal data:
- General personal data. Include your contact information, payment information, specific wishes for your booking and, if you are from outside Denmark, your passport information. If you travel as part of a group, we often also deal with contact information on the others in your group.
- Special Personal Data. In some cases, we may temporarily process special personal data, for example in connection with orders in our restaurant, including, if applicable, your specific wishes related to allergies or other special conditions.
Recipients or categories of recipients
We disclose or share your personal data to the following recipients:
- Public authorities at their request (e.g. police)
- Data Processors within the terms of our written instructions in the data processing agreement.
Transfer of data to recipients in other countries, including international organisations
We do not transfer your personal data to recipients outside the EU and the EEA.
Where your personal data originates from
The personal data originates from yourself or from a third party booking on your behalf, such as a travel agent.
Storage of your personal data
We keep your personal data, in connection with your bookings, as long as we have an active customer relationship with you or until 12 months after your last booking. Personal data required by our compliance with the Accounting Act is kept for 5 years after the current financial term. Video surveillance will be automatically deleted after 30 days.
In conjunction with our email marketing (newsletters) we collaborate with a third party, namely Emarketeer. Emarketeer stores and processes your personal data on Glostrup Park Hotels behalf according to its data policy and applicable personal data law, to ensure the best possible protection of your personal data. Glostrup Park Hotel has signed a data processing agreement with Emarketeer, which guarantees that they comply with the rules of GDPR.
Automatic decisions, including profiling
We do not use automated decision making, including profiling, in our operations.
The right to withdraw consent
You have the right to withdraw your consent at any time, such as the consent you have given if you subscribe to our newsletter. You can do this by contacting us or by simply clicking the unsubscribe link in the last newsletter.
If you choose to withdraw your consent, it does not affect the legality of our processing of your personal data based on your prior consent and until the date of withdrawal. If you withdraw your consent, therefore, it will not be effective until this date.
If you choose to withdraw your consent, your personal data will be deleted or anonymized over time. Personal data is stored for a maximum of 12 months after use, after which they are deleted.
You have a number of rights under GDPR in relation to our processing of data about you. If you want to use your rights, please contact us.
RIGHT TO SEE DATA (right of access)
You are entitled to access the data that we are processing about you, as well as certain additional information.
RIGHT OF CORRECTION (CORRIGENDUM)
You are entitled to have incorrect data about yourself corrected.
RIGHT TO DELETE
In special cases, you have the right to delete data about yourself prior to the time of our ordinary general deletion occuring.
RIGHT FOR RESTRICTION OF TREATMENT
You may limit the access to the processing of your personal data. If you are entitled to limited treatment, in future, we may only process the data – except for storage – with your consent or for the purpose of determining, enforcing or defending legal claims, or for protecting a person or important social interests.
RIGHT TO OBJECT
In some cases, you may object to our or legitimate processing of your personal data. You can also object to processing your data for direct marketing.
RIGHT TO TRANSMIT DATA (DATA PORTABILITY)
You may, in certain cases, have the right to receive your personal data in a structured, commonly used and machine-readable format and to transfer such personal data from one data manager to another without any hindrance.
You can read more about your rights in the Data Inspectorate’s Guide on the Registrar’s Rights, which you will find at www.datatilsynet.dk
Lodge a complaint with a supervisory authority
You are entitled to file a complaint with the Data Inspectorate if you are unhappy with the way we process your personal data. You will find the Data Inspectorate’s contact information at www.datatilsynet.dk.