1. Data controller for your personal data
Contact information for the data controller:
Highland Lodge Geilo
Lienvegen 11, 3580
Telephone number: +47 32 09 61 00
2. The information the hotel collects from you
When you register as a user, book a trip or submit a contact form on the Website, the Hotel will collect and process certain information about you. The type of information the Hotel collects can be sorted into the following categories:
- Personal information; i.e. information that can be used to identify an individual person, including name and surname, age, sex, date of birth, title/position, credit card information or other financial information, home address or other address, email address, phone number and other contact information, log of activity on user profile and advertising.
- Your IP address and other information about your computer; the Hotel may collect and store your IP address (the number that identifies your computer on the internet) and other information about your computer for system administration purposes (e.g. to calculate how many users that have accessed and used the Website). The IP-address will only be stored for the duration of the visit on the Website and will thereafter be either deleted or anonymized.
In order to detect and delete cookies, you can change the settings in your browser. The “Help” function of your browser can help you configure your browser to prevent cookies or delete existing cookies. You can also learn how to block all new cookies on your browser and which configuration steps are required to receive a notification about new cookies. However, please note that if you choose not to accept cookies, your access to certain functionality on the Website may be restricted.
4. Where is your personal data collected?
Personal data is collected through your use of the Website, from the form you complete when you register in a contact form on the Website, or from the information you provide to the Hotel in connection with the hotel or submitting contact forms. .
5. How the Hotel use your personal data
The Hotel will use the personal data you provide to us or that the Hotel collects through your use of the Website for the following purposes:
- to fulfil an agreement with you, i.e. to offer you ophthalmic consultation or surgery;
- to enable you to submit a contact forms directly from the Website;
- to improve our services, the content of the Website and other relevant platforms, for example by collecting and processing data for internal statistical purposes, administration and marketing of the Hotel This includes identifying general utility models to enable the Hotel to improve its services and the Website;
- to respond to your questions and inquiries;
- to provide you with information of new and other services offered by the Hotel;
- to comply with applicable laws and regulations;
6. Consent and other legal basis’ for processing of personal data
In order to process your personal data, the Hotel requires your consent or other legal basis. Consent can be given upon request from the Hotel, or by voluntarily giving the Hotel the information through a membership application, the Website or other relevant platforms for the Hotel
You can withdraw your consent at any time by sending an email to the Hotel, or you can use the widget on the webpage where you can administer your data consent.
Other legal basis for processing can be such processing of personal data that is necessary for the Hotel to comply with all applicable rules and regulations to which the Hotel is subject, e.g. statutory rules related to storage for accounting purposes.
Your personal data will not be stored for a longer period than necessary for the Hotel to fulfil the above mentioned purposes.
7. Disclosure to third parties
The Hotel may disclose your personal data to suppliers and sub-suppliers who perform services for the Hotel, to enable the Hotel to provide you with services. (the Hotel may for example make use of suppliers for hosting of the Website, to facilitate contact with customers via email or SMS, payments systems etc.) Suppliers and sub-suppliers may only use your personal data for the purposes the data was collected for, and to perform its assignments. Any such disclosing of personal data to suppliers and sub-suppliers will be governed by, and done in accordance with, a data processor agreement.
8. Protection of your data
The Hotel takes the privacy rights of our users seriously and has taken reasonable steps to protect the user’s privacy, including physical, technical and organisational measures, to prevent loss, alterations, theft and unauthorized access to information stored and otherwise processed by the Hotel.
9. Links to third party websites
10. Your rights
You have the right to require access to the personal data the Hotel has collected about you. You have the right to demand your personal data be deleted at any time. Upon such an inquiry, all your personal data will be deleted, unless statutory obligations or legitimate interests require continued storage. Anonymized information, i.e. information that cannot be linked to you, may be subject to continued storage.
If you want to exercise your right to:
- get information about what personal data the Hotel has registered on you;
- change or update the stored data and correct any errors in that data;
- request that unnecessary data is erased;
- stop receiving emails from us, such as newsletters and similar;
- withdraw your consent to the collection, processing, use or disclosure of your personal data to third parties;
- request information about your right to data portability, i.e. your right to obtain, reuse and transfer personal data provided to the Hotel to another IT environment;
you should contact the Hotel via the contact information stipulated above in section 1.
If you believe that our processing of your personal data infringes relevant data protection regulations, you are entitled to lodge a complaint with the supervisory authority of your habitual residence, place of work or place of the alleged infringement, or other relevant supervisory authority. In Norway, this is Datatilsynet.