Privacy policy

Valid from January 1, 2019
Table of Contents

1 Introduction
2. What is a personal information and what does the processing of personal data mean?
3. For whom does this policy apply?
4. For what is this policy?
5. What does it mean to be responsible for personal data?
6. Skärgårdshotellet in Nynäshamn AB as personal data controller
7. Why do we have to process personal data?
8. What personal data do we collect?
9. How long do we save personal data?
10. Our actions to protect your personal information
11. When we share personal information
12. Your rights
13. Changes to this Policy
14. Contact

1 Introduction
Thank you for choosing Skärgårdshotellet in Nynäshamn AB and an extra big thank you for taking the time to carefully read this Privacy Policy. We want to begin by explaining in a brief summary why we have created this policy. Our basic goal is to make it clear and easy to read
• explain the role that You and We have in this context
• explain how we use the information you share with us in order for us to be able to deliver and continue to develop your hotel experience;
• Ensure that you understand what information we collect and what we actually do with it;
• show how we work to protect your rights and your privacy.
Our goal is that, after reading this policy, you should feel confident that your personal privacy is respected and that your personal data is processed correctly. We therefore also work continuously to ensure that our processing of personal data takes place fully in accordance with applicable legislation and then primarily the new Data Protection Regulation (GDPR), which applies from May 25, 2018.

2. What is a personal information and what does the processing of personal data mean?
2.1 Personal data is any information that can be linked directly, or indirectly with other information, to a living natural person. A non-exhaustive list of examples of personal data is:
• Name
• Personal
• Credit card number
• E-Mail address
• IP address
• Pictures

2.2 Processing of personal data includes any action taken with the personal data, regardless of whether it is performed automated or not. This means that The following actions are covered:
• Collection
• Registration
• Usage
• Bringing
• Transmission
• Erasing

3. For whom does the policy apply?
This Privacy Policy is primarily applicable to individuals who live in our hotel and whose personal data we process (the “Registered”). Different parts of this Privacy Policy may also be relevant to you depending on your relationship with the Skärgårdshotellet in Nynäshamn AB. In summary, it can be said that this policy applies to people who
• are guests at our hotel
• Eat in our restaurant
• arranges meetings or events in our premises
• Visit our website or interact with us in social media
• Communicates with us in other ways, for example with our customer service
By accepting this Privacy Policy, you consent to Skärgårdshotellet in Nynäshamn AB processing your personal information in accordance with this Privacy Policy.

4. What about the policy?
This Privacy Policy regulates how Skärgårdshotellet Hotel in Nynäshamn AB collects and processes personal data in order to be able to deliver and continue to develop our Services.

5. What does it mean to be the Personal Data Officer?
Personal data controller is a natural or legal person or other body that determines the purpose and means of processing personal data. A company is responsible for personal data with regard to personal data they hold for their own account about their employees, customers, suppliers and others.

6. Skärgårdshotellet in Nynäshamn AB as Personal Data Officer
Skärgårdshotellet in Nynäshamn AB is responsible for the personal data processing for the processing of your personal data within the framework of Skärgårdshotellet in Nynäshamn AB. Services and is responsible for ensuring that such treatment takes place in accordance with applicable legislation.

7. Why do we have to process personal data?
7.1 In order for it to be allowed to process personal data, there must always be support in GDPR, a so-called legal basis. Such a legal basis is, inter alia,
• a consent from the Registered
• that the personal data processing is necessary to fulfill an agreement with the data subject, such as an agreement on the use of the Services
• to fulfill a legal obligation, for example with regard to saving data due to accounting obligations
• after a balance of interests, make the assessment that Skärgårdshotellet in Nynäshamn AB has an interest in processing a personal data that is greater than the data subject’s interest in protecting it.

7.2 Skärgårdshotellet in Nynäshamn AB always processes your personal data in accordance with applicable legislation. Our primary reason for processing your personal information is that it is necessary to fulfill our agreement with you regarding the use of our services.

7.3 It may be that the same personal data is processed both by virtue of the performance of an agreement, specifically by consent or by the fact that the task is necessary to fulfill other legal obligations. This means that even if you revoke your consent and the treatment based on the consent ceases, the personal data may still remain with us for other purposes.

8. What personal data do we collect?
In this part of our policy, we want to give you some examples of how we handle personal data to ensure that we continuously deliver fantastic experiences with a high level of service.

8.1 When booking a room at our hotel
When you book a room at our hotel, regardless of whether the booking is made at the hotel reception, by phone, via email or at https://www.skargardshotellet.se, we will handle the following information that you yourself provide to us:
• Your name and contact information (phone number, email)
• Credit card number and other payment information
• Information about your question, point of view or case

8.1.1 We manage your personal information to:
• Identify yourself in connection with your booking at Skärgårdshotellet in Nynäshamn AB
• Charge you for the services and products you have purchased from us
• Contact you with information that concerns your stay, for example via e-mail and SMS
• Produce statistics and perform analyzes for the purpose of improving our Services, goods and offers
• Providing, maintaining, testing, improving and developing our Services and the technical platform used to provide them
• Ensure the security of our Services, to detect or prevent various types of illegal use or use that otherwise violate our Terms of Use
• Inform you about personal and customized offers, promotions and benefits from us and our partners, eg via e-mail and SMS
• Answer your questions and handle your case, for example by remedying errors and handling complaints
• Improve our Services and the information we communicate through our various channels

8.1.2 Legal basis for handling:
We handle your personal information with support in the performance of agreements when we fulfill our commitments to you as a hotel guest (eg when we administer services linked to your hotel room and when we provide relevant offers) and with the support of balancing interests when we have a legitimate interest to use information about your stay and purchases to generate statistics and to develop, improve and ensure the safety of our Services.

8.1.3 Storage Time:
We save your personal information during your hotel stay and then for up to 3 months. To ensure traceability, we save information about our communication with you for 12 months. Your hotel history is saved for up to 2 years for our legitimate interest in analyzing trends over time.

8.2 When booking tables at our restaurants
When you book a table to eat at our restaurant, regardless of whether the booking takes place inside the restaurant, by phone, via email or at https://www.skargardshotellet.se, we handle the following information that you submit to us yourself:

8.3 When you communicate with us
You can choose to communicate with us in many ways, including through our social media accounts or with our customer service through calls or emails. When you book communicates with us, we handle the following information that you submit to us:

8.3.1 Legal basis for handling:
We handle your personal information with support in our and your legitimate interest in handling the case (balancing of interests)

8.3.2 Storage Time:
To ensure traceability, we save information about our communication with you for 12 months.

8.5 When using our Wi-Fi or visiting our website
When you connect to our Wi-Fi, we are the personal data controller for the processing that takes place to connect you to the Internet, but not for the continued processing or for the content of your communication via Wi-Fi. When you connect to our Wi-Fi, we handle
• Your IP address and MAC address When you visit our website we handle:
• Information on how to integrate with and use our website, for example when booking a hotel room
• Information about your visits to our website, through so-called cookies. For more information about how we use cookies, see our cookie policy.

8.5.1 We manage your personal information to:
• Providing our digital services
• Give you support when you experience various types of technical problems
• Maintain, test and improve our digital services • Detect and prevent security attacks, such as virus attacks

8.5.2 Legal basis for handling:
We manage your personal information with support in the performance of contracts when we provide Wi-Fi and with the support of balancing interests for our legitimate interests to maintain, test and improve our digital services.

8.5.3 Storage Time:
We will save your personal data for 3 months after you have used our digital channels and for 6 months from joining our Wi-Fi.

9. How long do we save personal data?
Your personal data is only saved during the period in which there is a need to save them in order to fulfill the purposes for which the information was collected in accordance with this Privacy Policy. Skärgårdshotellet in Nynäshamn AB may save the information longer if it is needed to comply with legal requirements or to guard Skärgårdshotellet in Nynäshamn AB’s legal interests, eg. whether a legal process is in progress.

10. Our actions to protect your personal information
10.1 We at Skärgårdshotellet in Nynäshamn AB have ensured that we have taken appropriate technical and organizational measures to protect your personal data against, among other things, loss, abuse and unauthorized access.

10.2 In order to technically ensure that personal data is processed in a safe and confidential manner, we use digital networks that are protected against intrusion by, for example, encryption, firewalls and password protection. In the event that an infringement takes place, Skärgårdshotellet in Nynäshamn AB has created good routines for identification, damage minimization and reporting. Finally, Skärgårdshotellet in Nynäshamn AB has also prepared a well-functioning method for meeting the data subject’s rights, including regarding the right to be forgotten.

11. When do we share personal information?
11.1 Skärgårdshotellet in Nynäshamn AB will not sell, disclose or distribute personal data to third parties, with the exception of what is stated in this Privacy Policy. Within the framework of the Services, personal data may be passed on to, for example, subcontractors and partners, if this is necessary for the execution and provision of the company’s services. For those cases where we choose to share personal information, we include a so-called personal data assistance agreement to ensure that the recipient of the personal data processes this information in accordance with applicable law and that the recipient has taken the necessary technical and organizational measures according to the GDPR in order to adequately protect the data subject’s rights and freedoms.

11.2 We may also disclose personal information if we are guilty of it under applicable law, court order or if such disclosure is otherwise necessary to contribute to a legal investigation.

12. Your rights
12.1 Skärgårdshotellet in Nynäshamn AB is responsible for ensuring that your personal data is processed in accordance with applicable legislation.

12.2 Skärgårdshotellet in Nynäshamn AB will, at your request or on its own initiative, rectify, de-identify, delete or supplement information that is found to be incorrect, incomplete or misleading.

12.3 You have the right to request access to your personal data. This means that you have the right to request a registry extract of the treatment that we carry out regarding your personal data. You also have the right to receive a copy of the personal data that is processed. You have the right to receive, once a calendar year, through a written signed application, a register extract from which the personal data are registered about you, the purposes of the treatment and to which the recipient information has been provided or to be disclosed. You also have the right to obtain information about the anticipated period during which the data will be stored or the criteria used to determine this period in the registry extract.

12.4 You have the right to correct your personal data. We will at your request, as soon as possible, correct the incorrect or incomplete information we deal with about you.

12.5 You have the right to delete your personal data. This means that you have the right to request that your personal data be deleted if they are no longer necessary for the purpose for which they were collected. However, there may be legal requirements that we should not immediately erase your personal data as a result of, for example, current accounting and tax legislation.
12.6 You have the right to object to personal data processing performed on the basis of a balance of interests. If you object to such treatment, we will only continue the treatment if there are justified reasons for the treatment that outweigh your interests.

12.7 If you do not want to process your personal data for direct marketing, you always have the right to object to such processing by either deregistering directly in each specific email message, or sending an email to info@skargardshotellet.se. When we have received your objection, we will cease to process the personal data for such marketing purposes. If you are not satisfied with how we handle your personal data, you also have the opportunity to report our processing of your personal data to the Data Inspectorate. However, for smooth and efficient handling, we recommend that you primarily contact us so that we can help you with any questions and concerns.

13. Changes to this Policy
Skärgårdshotellet in Nynäshamn AB reserves the right to revise this Privacy Policy from time to time. The date of the last change is indicated at the end of the Privacy Policy. If we make any changes to the Privacy Policy, we will publish these changes to the website. You are therefore advised to read this Privacy Policy regularly to pay attention to any changes. If we change the Privacy Policy in a way that is significantly different from what was stated when your consent was collected, we will notify you of these changes and, if necessary, ask you to agree again to Skärgårdshotellet in Nynäshamn AB’s personal data processing.

14. Contact
Marcus Andersson is responsible for managing your personal information at Skärgårdshotellet in Nynäshamn AB. If you would like further information on how your personal data is handled, please contact us through a written, self-signed request sent to:
Skärgårdshotellet in Nynäshamn AB
To. Marcus Andersson
Kaptensgatan 2
SE-149 31 Nynäshamn

In the letter we want you to state your name, address, e-mail, telephone number and personal number in addition to your case. Also attach a copy of your ID. Answers will be sent to your last stated registration address.