PRIVACY POLICY

PRIVACY POLICY

Privacy Policy

Under CVR number 18 45 03 72 driver Geschwendtner I/S:

Munkebjerg Hotel
Vejle Center Hotel
The Treetop Restaurant

The above are individually called "The business” in this joint personal data policy.

One of the Company's overall goals is to maintain the highest level of security for our guests, customers and employees. This also applies when it comes to the protection of personal data.

With this policy, the company wants to map out in a clear and comprehensible way how the company handles your personal data.

1. Data controller

The company is the data controller.

The company's contact details are:

it@munkebjerg.dk, Att.: IT manager

The company carries out all handling of personal data in accordance with applicable legislation.

The company provides a wide range of services. Separate terms and conditions apply to each individual service.

When you submit your personal data to the Company when ordering one or more of these services, you also give your consent for your personal data to be processed by the Company.

 

2. How does the Company collect personal data?

The company collects personal data as follows:

When you choose to buy and/or request one of the Company's services.

From people acting on your behalf.

In B2B market. For example, in a sales situation where an offer is requested for one of the Company's services and/or a cooperation agreement is requested.

Via browser cookies and web beacons.

In connection with the use of the Company's digital services.

When you subscribe to newsletters from the Company.

From social media, advertising and analysis providers as well as public records.

Via TV surveillance.

Collection of personal data and processing of this will at all times take place in accordance with the law.

TV surveillance is set up as a safety-creating measure for employees and guests.

The monitoring will basically take place at the Company's entrance, parking, in guest and employee areas, in the reception and bar as well as when delivering goods.

 

3. What information does the Company collect?

The company collects the following personal data:

Name, address, phone number, e-mail address, date of birth and other general personal data.

Credit card details - possibly as a guarantee for your booking.

Demographic information.

Purchase history and other digital services.

Feedback via our customer surveys.

Feedback on social media and other digital platforms.

Browser Information.

Video recordings.

At your own discretion, you can choose to provide the Company with personal data in addition to the general personal data that you assess may be important either for security reasons and/or to give the Company the opportunity to tailor the service especially for you.

This may, for example, be information about:
Handicap
Allergy
Special food preferences
Medical condition

 

4. Online shopping with credit card

In the Company's booking system and gift card ordering, Nets (Netaxcept and Nets Easy) are used in connection with the users' purchase of goods and payment by credit card.

Credit card information is not stored by the Company.

 

5. What is the purpose of the collection?

The company only collects personal data that is necessary for the purpose described in the separate terms and conditions for the service in question as well as in this personal data policy.

It is the individual service that determines both which personal data the Company collects and the purpose of the collection.

The company's purpose for collecting personal data may be one or more of the following:

Processing your reservations and purchasing the Company's services.

Contact you before, during or after your stay.

Fulfillment of your request for services.

Improvement and development of the Company's services.

Adaptation of the Company's communication and marketing towards you.

Analysis of your user behavior and re-marketing.

Adaptation of business partners' communication and marketing to you.

Administration of your relationship with the Company.

Compliance with legal requirements.

6. The legal basis for the processing

Below is an explanation of the legal basis on which the Company bases the processing of your personal data.

The company may, for example, process your personal data because it is necessary to fulfill a contract to which you are a party. This may, for example, be in connection with hotel stays, meeting arrangements and/or cooperation agreements.

Likewise, the Company may process your personal data in order to carry out certain actions and/or preparations at your request prior to entering into a contract.

The processing may also take place so that the Company can pursue a legitimate interest, unless your interest precedes this.

Legitimate interests pursued by the Company include statistics, customer surveys, interest-based marketing and analysis of general user behavior with the aim, among other things, of improving your benefits, your experience and the quality of the Company's services.

If you inform the Company of special preferences and considerations such as health information, disability, religious beliefs or the like, the Company uses the information to adapt the service in question according to your instructions and your stay with the Company in general.

In some cases, the Company will receive personal data from third parties, for example in connection with a group reservation and/or an individual overnight stay made by a third party - for example by an assistant or the like.

In these cases, the person responsible for the group and/or reservation is required to inform the guests involved about the Company's terms and conditions as well as this personal data policy.

Processing of your personal data is further imposed on the Company by law. This is, for example, the case in connection with guest registration at check-in, where the legislation states which personal data the company is required to register.

7. Your rights

Under the Personal Data Regulation you have a number of rights.

The rights are as follows:

You have the right to gain insight into which personal data the Company processes about you.

You have the right to have the personal data the Company has registered about you corrected and updated.

You have the right to have the personal data the Company has registered about you deleted. If you wish to have your personal data deleted, the Company will delete all information that the Company is not required by law to store.

If the processing of personal data is based on your consent, you have the right to withdraw the consent, which means that processing will then cease, unless the Company is required by law to process the personal data.

However, access may be limited for reasons of privacy protection of other persons, trade secrets and intellectual property rights.

By written request to the Company, you can either receive a printout of your personal data, have your personal data updated, object or request that your personal data be deleted.

The request must be signed by you and contain your name, address, telephone number, e-mail address.

You can also contact the Company if you believe that your personal data is being processed in violation of the law or other legal obligations.

The request is forwarded to:
it@munkebjerg.dk, Att.: IT Manager

The company will forward this to you within 1 month of receiving your request for a printout.

In the case of requests for corrections and/or deletion of your personal data, the Company examines whether the conditions are met and, if so, implements changes or deletion as soon as possible.

The company can reject requests that are either unreasonably repetitive, require disproportionate technical intervention (e.g. to develop a new system or significantly change an existing practice), affect the protection of others' personal information, or in situations where the requested action must be considered extremely complicated (e.g. requests for information that only exists as backup copies).

8. If you apply for a position with the Company

When you apply for a position with the Company, information that you have given the Company in connection with your application is processed.

Typically these will be general personal information such as name, address, telephone number and e-mail address, educational background information as well as information on current and past employment.

The Company uses the information to assess whether the Company wishes to offer you employment, as well as to communicate with you in connection with the recruitment process.

If you are employed by the Company, your information will be stored in accordance with the Company's personal data policy for employees, which you will find in the Company's personnel handbook.

Applications from candidates who are not employed are, as a general rule, kept for 6 months after the refusal has been given.

In certain cases, the company may also pass on your personal data if this is required by law, a court decision or applicable legislation.

If you want access to the information that the Company processes about you, either in connection with updating your information or because you want the Company to delete your information, you can contact the HR function at the Company.

You may object at any time to the fact that information about you is subject to further processing.

 

9. Security of storage and sharing of your personal data

The company protects your personal data and has adopted internal rules on information security, which contain instructions and measures that protect your personal data against unauthorized disclosure and against unauthorized persons gaining access or knowledge of it.

The company has established procedures for granting access rights to those of our employees who process sensitive personal data and data that reveal information about personal interests and habits. The company controls their actual access through logging and monitoring.

To avoid data loss, the Company regularly backs up its data set.

In the event of a security breach that results in a high risk to you of discrimination, ID theft, financial loss, loss of reputation or other significant disadvantage, the Company will notify you of the security breach as soon as possible.

The company's security procedures are continuously revised based on the latest technological developments.

In addition to the Company's internal systems, the Company uses external suppliers of IT services, IT systems, payment solutions, etc.

The company has entered into data processing agreements with all the relevant suppliers in accordance with the new EU regulations for the processing of personal data (GDPR). This ensures a high level of protection for your personal data.

In order to provide the highest level of service, the Company shares selected personal data, among other things at your request, with external suppliers such as restaurants, hotels, etc.

Where necessary, the Company also shares and passes on your personal data internally within the Company. The purpose of the division is to be able to provide the most optimal service to you, regardless of which hotel or which department in the Company you turn to.

In certain cases, the company may also be obliged to pass on personal data in accordance with legislation or following a decision by a public authority.

The company deletes your personal data when the company is no longer required by law to store the information or when there is no longer a purpose for the processing.

Cf. rules in the Aliens Order and the Passport Order respectively, the Company registers various information about the guests. For foreign guests, this information must be stored for a minimum of 1 and a maximum of 2 years, while for Danish guests it must be stored for 1 year. The above is solely for the purpose of being able to make the information available to the Police.

The company can legitimately use a guest's e-mail address for marketing its own similar services to the one the guest has purchased, e.g. an overnight stay. This assumes, however, that the rules on this in section 10 of the Marketing Act are complied with. It will, among other things, say that the guest must be informed that, for example, an e-mail address can be used for marketing, and the guest must subsequently have the opportunity to opt out of this. In addition, the guest can easily and simply subsequently unsubscribe from this marketing.

Sending newsletters requires the guest's consent.

The company may store guest information for a longer period of time than stated above if it is only used for statistical purposes. In that case, the information must be anonymised.

The company may store personal data for a longer period of time on the condition that the storage serves a purpose legitimately purpose. For example, it may be legitimate to store information about job applicants who did not get the advertised job for a period of time, for example to be able to counter any objections about discrimination. The company may also ask for consent to save the information in order to contact the person concerned in connection with a future job advertisement.

When an employee has resigned, it may be legitimate to save the personnel file for a longer period in order to meet any subsequent demands for back payments from resigned employees. Post-processing cases are subject to a 5-year statute of limitations, and claims can thus be raised 5 years back.

If the Company stores personnel information for a longer period, only information that the Company may need is stored. Other information is deleted.

 

10. Cookies

The company and personal data (privacy policy)
The Company collects information about all visits to the Company's websites. At the same time, we encourage users in several places to actively submit information. Collection of information on munkebjerg.dk, vejlecenterhotel.dk, tree-top.dk, hereinafter referred to as the respective websites as "Company website", takes place in compliance with applicable legislation.

Below you can read why we collect information and what we use it for.

 

What information do we collect? 

The Company's website collects information about users and their visits in two ways:

– When using so-called cookies.

– By the user providing information himself.

 

Why do we use cookies?
Each and every visit to the Company's website is registered using cookies. Every time you – or more precisely – your computer visits the Company's website, the cookie tells us about your visit.

The cookie tells us, among other things, how long you visit the website, which sections and how many articles are read, whether your computer has visited us before, which browser and operating system you use, etc.

The information is anonymous and is collected together with the information from all the other users so that we get a statistical overview of the use of the Company's website.

At the same time, cookies ensure that you do not see the same ads again and again, just as all clicks on ads are registered.

In addition, we use the statistics in the editorial work to further develop the Company's website.

 

What is a cookie?
When you visit the Company's website, your computer automatically receives one or more cookies which are transferred from the Company's website to your internet browser. The Company's website then registers your visit and your use of the website.

A cookie is a small text file. It contains no personal information and the information we receive is therefore anonymous.

Most internet browsers allow you to delete cookies, block them or warn you and ask for your consent before a cookie is stored.

Depending on which browser you use, you can get information about how to set up your browser to process cookies in its settings and help functions.

 

personal Information
In addition to cookies, several of the Company's services require you to provide personal information.

In general, we only ask for personal information when, for example, you sign up for our newsletters or if you book a hotel stay via the Company's website.

 

11. Contact

If you have questions, comments or complaints about the Company's processing of personal data, you can write to:

it@munkebjerg.dk, Att.: IT Manager

If this does not lead to clarification, a possible complaint can then be addressed to the Data Protection Authority, Borgergade 28. 5. sal, 1300 København K, telephone 3319 3200, e-mail dt@datatilsynet.dk.

Any changes to the personal data policy will be announced by publishing new terms and conditions on the Company's website.