Personal Data Protection Policy

Information about our processing of your personal data, etc.

We are the data controller, and this is how to contact us:

Hotel Atlantic is responsible for the processing of the personal data we have received about you. Our contact information is listed below.

  • Name: Hotel Atlantic
  • Address: Europaplads 10, DK-8000 Aarhus
  • CVR No.: 41355034
  • Phone: +45 86131111
  • Email address: gdpr@hotelatlantic.dk  

The purposes of our processing of personal data, the types/categories of data and the legal basis for the processing of your personal data

Hotel Atlantic collects personal information for the purpose of meeting our obligations and to process, optimise, improve and deliver the services that you order from us and which you enter into agreement to purchase.

The kinds of personal data we process:

  • First names and family names, address, city, postcode/zip code, phone number and e-mail address. For companies: company name, business registration number (CVR number), address, city, postcode/zip code, phone number, contact persons and their contact information, e-mail address and website
  • Feedback via guest surveys
  • Demographic information
  • Credit card information
  • Feedback on social media and other digital platforms
  • Browser information

The processing of your personal data is based on our legitimate interest in processing customer service requests and providing our services. We process your personal information in accordance with applicable data protection legislation as well as legislation pursuant to the company’s business area.

It is paramount for us to take good care of our customer data, which is why we have implemented technical and organisational measures that allow us to comply with our data responsibilities.

We train all employees to comply with our guidelines for good data processing practice so to limit errors and continuously improve our data processing. In addition, we have introduced an IT Security Policy, which sets the direction for the company’s overall security measures.

We have introduced access restriction so that employees are only granted access to personal information provided this information is relevant to their job function. We will continuously assess the need to use encryption or pseudonymization of personal information as a risk-mitigation initiative (SRMI).

To secure our data, we use antivirus programmes, renew our passwords regularly, update our systems, and keep up to date with IT developments so that we can protect ourselves against vulnerable IT systems and current IT threats.

 

How we collect personal information:

  • When you purchase / request a service from Hotel Atlantic (both as B2C and B2B customer)
  • From people acting on your behalf
  • Via browser cookies
  • Via Hotel Atlantic’s digital services
  • From social media
  • Via CCTV surveillance, which has been adopted as a security measure for employees and guests

Storage of your personal information

We store your personal information when necessary and erase this information when we are no longer required by applicable law to store the information, or when there is no longer a purpose for the processing of this data.

Your rights

In accordance with Danish Data Protection Regulation, you enjoy a number of rights in relation to our processing of your personal information. If you wish to make use of your rights, please contact us.

Right of Access

You have the right to access the information we process about you as well as a range of other information.

Right to Rectification (i.e. to correct)

You have the right to have incorrect information about yourself corrected.

Right to Erasure

Under certain circumstances, you have the right to have information about yourself erased before our general deletion process takes place.  

Right to Restrict Processing

Under certain circumstances, you may have the right to have the processing of your personal data restricted. If you are subject to such a right, we may henceforth only process this information – apart from storing it – with your consent, or for the purpose of establishing, pursuing or defending ourselves against legal claims or to protect a person or important societal interests.

Right to Object

Under certain circumstances, you have the right to object to our lawful processing of your personal data. You may furthermore object to the processing of your information for use in direct marketing. You can read more about your rights in the Danish Data Protection Agency guide that covers the rights of persons whose personal data has been registered. You will find the guide at www.datatilsynet.dk.

Complain to the Danish Data Protection Agency

You have the right to file a complaint with the Danish Data Protection Agency if you are dissatisfied with the way we process your personal data. You will find the Danish Data Protection Agency’s contact information at www.datatilsynet.dk  

Document information

This is the 1st version of Hotel Atlantic’s Privacy Policy, issued on 19 March 2021.