Privacy and cookies

1. What is personal data and who is responsible for it?

Personal data is information and assessments that can be linked to a physical individual. This may include, for example, name, residence, phone number, email address, or IP address.

Any collection, registration, compilation, storage, and disclosure of personal data is called processing of personal data. All processing of personal data in Norway is subject to the Personal Data Act, and the Data Protection Authority supervises the law.

The one who decides what the personal data will be used for is called a data controller. The data controller must ensure that the personal data is processed in accordance with the applicable rules.

The data controller for the personal data we process is Hotel Union Geiranger, c/o the Managing Director. Contact information for Hotel Union Geiranger is:

Email: info@hotelunion.no
Phone: +47 70 26 83 00
Address: Geirangervegen 100, N-6216 Geiranger, Norway
Organization number: 960 465 725

2. Why do we collect personal data and what kind of data do we collect?

We collect information you provide to us and about your use of our services. We collect the following personal data for the purposes indicated here:

1. Sending marketing, newsletters, and information about our business to your email. The processing is based on your consent.

2. Responding to inquiries that come in to us, for example by emailing us at info@hotelunion.no, by phone, or providing feedback through features in the service (comment fields, forms, or similar on our website). Name, phone number, email address, and any other personal data that may follow from the inquiry. The processing of personal data is based on a balancing of interests. We have assessed that this is often necessary for us to help you with what you are wondering about.

3. To deliver the service you have ordered from us. Name, phone number, email address, and any personal data that may result from the order. The processing is necessary to fulfill the agreement with you.

4. To obtain information about the use of our websites, we use cookies. You can read more about cookies and which cookies we use in our cookie declaration. We process personal data based on a balancing of interests. We have assessed that it is necessary for us to adapt the website to our users. However, we ensure your privacy by only using the information for statistics. This statistics cannot identify you as an individual. Furthermore, we delete personal data collected via the website daily.

5. We may use information about your activity on our services combined with technical data (such as log files among others) to prevent, limit, and investigate various types of abuse of our services. By “abuse” we mean, among other things, the use of fake profiles, spamming, harassment, attempts to log into other people's accounts, as well as other behavior that is in violation of applicable legislation.

Cookies
We use cookies to improve the user experience of our website. A cookie is a small text file that is stored on your device (e.g., your smartphone, PC, iPad, etc.). Cookies help identify which pages are visited by our websites. The information stored using a cookie may be to find out how you as a user utilize our websites, which web browser you use, and which websites you have visited. A permanent cookie remains on your device indefinitely. A session cookie is stored randomly in your device's memory while you are on our websites. Session cookies are deleted when the web browser is closed. We use both permanent cookies and session cookies.

If you do not want our websites to be stored on your device, you can deactivate cookies in your web browser. If you disable cookies in your settings on your device, the functionality of our websites will be reduced.

3. Who do we share the information with?

We do not disclose your personal data to others unless there is a legal basis for such disclosure. This means that we will not share, sell, or disseminate personal data in any way other than described in this privacy policy unless it has been specifically agreed with you or a legal basis requires us to disclose the information.

We use data processors to collect, store or otherwise process personal data on our behalf. In such cases, we have entered into agreements to ensure information security at all stages of processing. We currently use the following data processors:

• PcSupport AS

• Sorentio AS

• Havnevik AS

• Avento AS

• SPI AS

Public authorities
If required by law or if there is suspicion that a crime has been committed in connection with the use of our services, the information we have stored about you may be disclosed to public authorities.

4. Retention period and how you can manage, correct, or delete the information we have about you

We will not store personal data longer than necessary to fulfill the purpose of processing and the legal obligations we have. This means, for example, that personal data that we process based on your consent will be deleted if you revoke your consent. Personal data we process to fulfill an agreement with you will be deleted when the agreement is fulfilled and all obligations arising from the contractual relationship are met.

You have the right to request access, correction, or deletion of the personal data we process about you. You also have the right to request restricted processing, object to processing, and request the right to data portability. You can read more about the content of these rights on the Data Protection Authority's website: www.datatilsynet.no. It is also important for us that the information we have about you is correct and up to date.

If you log in, you can access data that Hotel Union Geiranger has stored about you in the service in our database, which is available through your account via the webshop or by contacting us at info@hotelunion.no. In this way, you can also control the extent to which data about you is used for personalizing our services and products that we advertise on our websites or others.
You can change data that is stored about you in connection with Hotel Union Geiranger at Union spa or other hotel products by logging into “My page” on the relevant service or by contacting us at info@hotelunion.no.

You can also contact us at info@hotelunion.no to exercise your rights. We will respond to your inquiry to us as soon as possible, and no later than within 30 days.
You may withdraw your consent for the processing of personal data with us at any time.

The simplest way to do this is to log in to your account via the webshop or by contacting us at info@hotelunion.no.

5. Complaints

If you believe that our processing of personal data does not conform to what we have described here or that we otherwise violate the personal data legislation, you can complain to the Data Protection Authority.

You can find information on how to contact the Data Protection Authority on the Data Protection Authority's website: www.datatilsynet.no

6. Particularly about children's privacy

As a general rule, we do not wish to collect or otherwise process personal data about children under the age of 15, except for our services on Facebook accounts where anyone can comment on articles.
There are special monitoring protocols for these comments. If children under 15 years have nonetheless provided us with personal data in other contexts, we will delete the information as soon as we become aware of the matter. Guardians can contact us as indicated below.

7. Implementation of changes

We may periodically update this privacy policy to reflect any changes to the website or our website policy. The same applies to changes regarding the regulations for processing personal data. In case of substantial changes, we will inform specifically in the services that are affected.

8. Contact information

If you have questions about our processing of personal data or this privacy policy, please contact us at info@hotelunion.no.

For questions related to your subscription, see contact information on where you have signed up for our online spa booking. Any other information can be obtained from info@hotelunion.no.

For questions related to your subscription, see contact information on where you have signed up for our online spa booking. Any other information can be obtained from info@hotelunion.no.

Last updated: May 2018