PRIVACY POLICY
This is a privacy policy for Merkantilbygg AS’ og Highland Lodge («The Hotel») processing of personal data related to its guests. The hotel will collect personal data about its guests in order to provide its services. This privacy policy provides information you are entitled to when your personal data is collected, including how the Hotel collects and processes personal data. The privacy policy covers all personal data provided by you, or collected by us as a part of our services. The Hotel is subject to Norwegian law, and will process your personal data in accordance with applicable personal data regulations.
1. Data controller for your personal data
The data controller decides the purposes for and the means by which personal data is processed. For the purpose of this privacy policy, the Hotel is responsible for the personal data provided by you by registering as a guest/member on the Hotel’s website; [https://www.highland.com] “the Website” or through renting accommodation.
Contact information for the data controller:
Highland Lodge Geilo
Lienvegen 11, 3580
Telephone number: +47 32 09 61 00
Email: mail@highland.no
2. The information the hotel collects from you
When you register as a user, book a trip or submit a contact form on the Website, the Hotel will collect and process certain information about you. The type of information the Hotel collects can be sorted into the following categories:
- Personal information; i.e. information that can be used to identify an individual person, including name and surname, age, sex, date of birth, title/position, credit card information or other financial information, home address or other address, email address, phone number and other contact information, log of activity on user profile and advertising.
- Information collected through your use of the Website; i.e. information collected through data tracking, for example by use of cookies (see section 3 below) and by use of analytical tools such as Google Analytics. Information that is collected may include the type of browser you use, which third party website that connected you to the Website, the search words you type in on the Website, the specific sites you visit on the Website and the duration of the visit.
- Your IP address and other information about your computer; the Hotel may collect and store your IP address (the number that identifies your computer on the internet) and other information about your computer for system administration purposes (e.g. to calculate how many users that have accessed and used the Website). The IP-address will only be stored for the duration of the visit on the Website and will thereafter be either deleted or anonymized.
3. Cookies
The Hotel may use cookies and other information gathering methods to enhance the user experience and optimize the Website. As a visitor on our Website, you will as a main rule remain anonymous. Note however that you will be authenticated. Further, location data is stored for the purpose of optimizing the portal experience. The location data is never linked to the user data.
In order to detect and delete cookies, you can change the settings in your browser. The “Help” function of your browser can help you configure your browser to prevent cookies or delete existing cookies. You can also learn how to block all new cookies on your browser and which configuration steps are required to receive a notification about new cookies. However, please note that if you choose not to accept cookies, your access to certain functionality on the Website may be restricted.
4. Where is your personal data collected?
Personal data is collected through your use of the Website, from the form you complete when you register in a contact form on the Website, or from the information you provide to the Hotel in connection with the hotel or submitting contact forms. .
5. How the Hotel use your personal data
The Hotel will use the personal data you provide to us or that the Hotel collects through your use of the Website for the following purposes:
- to fulfil an agreement with you, i.e. to offer you ophthalmic consultation or surgery;
- to enable you to submit a contact forms directly from the Website;
- to improve our services, the content of the Website and other relevant platforms, for example by collecting and processing data for internal statistical purposes, administration and marketing of the Hotel This includes identifying general utility models to enable the Hotel to improve its services and the Website;
- to respond to your questions and inquiries;
- to provide you with information of new and other services offered by the Hotel;
- to inform you about amendments of this privacy policy;
- for examinations of and protection against breaches of this privacy policy, criminal offences, fraud and potential threats against our or other person’s legal rights;
- to comply with applicable laws and regulations;
- for any other purpose either described in this privacy policy, or for which the Hotel will notify you specifically at the time of collection or upon obtaining your consent, or as permitted or required by law, rule, regulation or any other legal process.
6. Consent and other legal basis’ for processing of personal data
In order to process your personal data, the Hotel requires your consent or other legal basis. Consent can be given upon request from the Hotel, or by voluntarily giving the Hotel the information through a membership application, the Website or other relevant platforms for the Hotel
You can withdraw your consent at any time by sending an email to the Hotel, or you can use the widget on the webpage where you can administer your data consent.
Other legal basis for processing can be such processing of personal data that is necessary for the Hotel to comply with all applicable rules and regulations to which the Hotel is subject, e.g. statutory rules related to storage for accounting purposes.
Your personal data will not be stored for a longer period than necessary for the Hotel to fulfil the above mentioned purposes.
7. Disclosure to third parties
The Hotel may disclose your personal data to suppliers and sub-suppliers who perform services for the Hotel, to enable the Hotel to provide you with services. (the Hotel may for example make use of suppliers for hosting of the Website, to facilitate contact with customers via email or SMS, payments systems etc.) Suppliers and sub-suppliers may only use your personal data for the purposes the data was collected for, and to perform its assignments. Any such disclosing of personal data to suppliers and sub-suppliers will be governed by, and done in accordance with, a data processor agreement.
The Hotel will not transfer, sell, rent or exchange personally identifiable information with any third party in a way that is not provided for in this privacy policy without your express consent, unless such obligation is imposed by law or binding court order, or when necessary in a business transaction.
8. Protection of your data
The Hotel takes the privacy rights of our users seriously and has taken reasonable steps to protect the user’s privacy, including physical, technical and organisational measures, to prevent loss, alterations, theft and unauthorized access to information stored and otherwise processed by the Hotel.
9. Links to third party websites
The Website may include links to other third party sites. These third party sites have their own privacy policies that determine how the third party site is operated and how personal data is collected and processed. If you submit personal information to any of these third party sites, your information is governed by their privacy policies. The Hotel takes no responsibility for such third party sites, how they are operated and how they process your personal data. The Hotel recommends that you familiarize yourself with such third party sites’ privacy policies and terms of use when visiting and using such sites.
10. Your rights
You have the right to require access to the personal data the Hotel has collected about you. You have the right to demand your personal data be deleted at any time. Upon such an inquiry, all your personal data will be deleted, unless statutory obligations or legitimate interests require continued storage. Anonymized information, i.e. information that cannot be linked to you, may be subject to continued storage.
If you want to exercise your right to:
- get information about what personal data the Hotel has registered on you;
- change or update the stored data and correct any errors in that data;
- request that unnecessary data is erased;
- stop receiving emails from us, such as newsletters and similar;
- withdraw your consent to the collection, processing, use or disclosure of your personal data to third parties;
- request information about your right to data portability, i.e. your right to obtain, reuse and transfer personal data provided to the Hotel to another IT environment;
you should contact the Hotel via the contact information stipulated above in section 1.
If you believe that our processing of your personal data infringes relevant data protection regulations, you are entitled to lodge a complaint with the supervisory authority of your habitual residence, place of work or place of the alleged infringement, or other relevant supervisory authority. In Norway, this is Datatilsynet.
11. Modifications to the privacy policy
The Hotel reserves the right to modify this privacy policy from time to time. The most recent revision shall supersede any earlier versions. The current version of the privacy policy will be available at the Website at all times. The Hotel will notify the user of any changes to the privacy policy that will require your consent.
By using the Hotel’s services, you accept electronic information about and publication of this privacy policy on the Website, and you consent to that electronic information about and publication of revised versions of this privacy policy on the Website is valid as a notification to you.