Privacy and cookies

When you contact us to book services, receive our newsletter, or use our website, Hotel Union Geiranger will process personal data about you. The trust of our guests is of the utmost importance to us, and we are therefore committed to protecting your privacy. Here we explain how and why we collect and use information about our users, and how we safeguard your personal data.

1. What are personal data and who is responsible for them?

Personal data means information and assessments that can be linked to an individual person. This can, for example, be a name, place of residence, telephone number, email address or IP address.

Any collection, registration, compilation, storage and disclosure of personal data is referred to as the processing of personal data. All processing of personal data in Norway is governed by the Personal Data Act, and the Norwegian Data Protection Authority supervises compliance with the Act.

The party that decides how personal data will be used is called a data controller. The data controller must ensure that personal data is processed in accordance with the applicable rules.

The data controller for the personal data we process is Hotel Union Geiranger, represented by the managing director. The contact details for Hotel Union Geiranger are:

Email: info@hotelunion.no
Phone: +47 70 26 83 00
Address: Geirangervegen 100, N-6216 Geiranger, Norway
Organization number: 960 465 725


2. Why do we collect personal data, and what kind of information do we collect?

We collect information that you provide to us yourself, as well as data about how you use our services. We collect the following personal data for the purposes described here:

  1. Send out marketing (Mailchimp), newsletters and information about our business to your email address. This processing is based on your consent, which you may withdraw at any time.
  2. Responding to enquiries that come to us, for example when you send us an email, call us by phone, or give feedback through features in the service (comment fields, forms or similar on our website). Name, phone number, email address and any other personal data that may follow from the enquiry. The processing of personal data is based on a balancing of interests. We have assessed that this is often necessary for us in order to help you with what you are asking about.
  3. To provide you with the service you have ordered from us. Your name, phone number, email address and any personal data that may arise from the booking. The processing is necessary in order to fulfil the agreement with you.
  4. To gather information about how our website is used, we make use of cookies. You can read more about cookies and which cookies we use in our cookie statement. We process personal data on the basis of a balancing of interests. We have assessed that this is necessary for us in order to adapt the website to our users. However, we safeguard your privacy by using the information only for statistical purposes. In these statistics, it is not possible to identify you as an individual. Furthermore, we delete personal data collected via the website on a daily basis.
  5. We may use information about your activity on our services, combined with technical data (such as log files and similar), to prevent, limit, and investigate various types of misuse of our services. By “misuse” we mean, among other things, the use of fake profiles, spamming, harassment, attempts to log in to other people’s accounts, as well as any other behavior that is contrary to applicable law.


Cookies
We use cookies to enhance your experience on our website. A cookie is a small text file stored on your device (for example your smartphone, PC, iPad, etc.). Cookies help us identify which pages on our website are being visited. The information stored in a cookie can tell us how you as a user make use of our website, which browser you use, and which pages you have visited. A permanent cookie remains on your device for an indefinite period of time. A session cookie is stored temporarily in your device’s memory while you are visiting our website. Session cookies are deleted when you close your browser. We use both permanent cookies and session cookies.

If you prefer that our webpages are not stored on your device, you can disable cookies in your browser. Please note that if you disable cookies in your device settings, some features on our webpages will be reduced.


3. Who do we share the information with?

We do not disclose your personal data to others unless there is a lawful basis for such disclosure. This means that we will not share, sell, or otherwise distribute personal data in any way other than as described in this privacy policy, unless this has been specifically agreed with you or a legal basis requires us to provide the information.

We are the data processor for data collected by us:


Hotel Union AS
Geirangervegen 101
6216 Geiranger


Public authorities
If required by law, or if there is suspicion that a criminal offense has been committed in connection with the use of our services, the information we have stored about you may be disclosed to public authorities.


4. Storage period and how you can manage, correct or delete the information we hold about you

We will not store personal data longer than necessary to fulfill the purpose of the processing and the legal obligations we are subject to. This means, for example, that personal data we process on the basis of your consent will be deleted if you withdraw your consent. Personal data we process in order to fulfill an agreement with you will be deleted when the agreement has been fulfilled and all obligations arising from the contractual relationship have been met.

You have the right to request access to, correction or deletion of the personal data we process about you. You also have the right to request restricted processing, to object to the processing, and to request the right to data portability. You can read more about these rights on the Norwegian Data Protection Authority’s website: www.datatilsynet.no. It is also important to us that the information we hold about you is correct and up to date.

If you log in, you can access the data that Union Geiranger has stored about you in the service in our database, which is available through your account via the webshop or by contacting us at info@hotelunion.no. This also allows you to decide to what extent your data may be used to personalize our services and products that we promote on our own or others’ websites.
You can change the data stored about you in connection with Union Geiranger at Union Spa or other hotel products by logging in to “My page” for the relevant service, or by contacting us.

You can also contact us to exercise your rights. We will respond to your enquiry as quickly as possible, and no later than within 30 days.
You may withdraw your consent to our processing of your personal data at any time.

The easiest way to do this is to send an email to info@hotelunion.no


5. Complaints

If you believe that our processing of personal data does not correspond with what we have described here, or that we in any other way are in breach of data protection legislation, you may submit a complaint to the Norwegian Data Protection Authority.

You can find information on how to contact the Norwegian Data Protection Authority on its website:www.datatilsynet.no


6. Special provisions on children’s privacy

As a general rule, we do not wish to collect or otherwise process personal data about children under the age of 15, with the exception of our services on our Facebook account where anyone can comment on articles.
There are dedicated monitoring routines for these comments. If children under 15 have nonetheless provided us with personal data in other contexts, we will delete this information as soon as we become aware of it. Parents or guardians may contact us as described below.


7. Implementation of changes

We may update this privacy policy from time to time to reflect any changes to the website or to our website policy. The same applies to changes in the regulations governing the processing of personal data. In the event of significant changes, we will provide specific information in the services that are affected.


8. Contact information

If you have any questions about how we process personal data or about this privacy policy, please contact us at info@hotelunion.no.

For questions related to your subscription, please see the contact information provided where you registered in our online spa booking.

You can also lodge a complaint by contacting the Norwegian authorities:
The Norwegian Data Protection Authority
Tollbugata 3 0152 Oslo
Tel. +47 22 39 69 00
Email: postkasse@datatilsynet.no