When you use one of our digital services, we collect information about your usage. Some of this information may be personal data. This privacy notice sets out how we collect, store and process this personal data when you use MyHotel.
Personal data is any information that can be directly or indirectly used to identify a living person. It can be data such as name, address, national ID number, email address and phone number. It is also information like booking number, encrypted data and electronic identities, like an IP number, if they can be traced back to an identifiable living person.
If you log onto MyHotel using your MyPage account and log in information, MyHotel will automatically download your name, email address, age, nationality, phone number and password from your MyPage account and store them in a local database. The data is stored for 20 days and then anonymized in such a way that it cannot be used to identify anyone individually.
When you make a booking through MyHotel we collect the information we need to be able to organize the activity. This is the name, room number and email address of the participant.
If relevant, we also collect the name of any child who is to participate in the activity. We also collect information about the child’s age, spoken language, any allergies, and the name, phone number, email address, room number and location of the child’s guardian/responsible adult during the activity.
If needed for offering the best possible experience, we will ask you to provide information about any food intolerance and/or allergies. Please note that providing this information is optional.
**Using websites, apps or other digital services **
Whenever you use one of our websites, apps or another of our digital services we collect information about your usage of the service. We collect information about how you navigate the service, your searches and which of our products you show an interest in.
The information we collect when you make a booking through MyHotel is used for administration of the activities. This means the information is used to make lists of participants, collect payment, and contact you on matters relating to your booked activity should the need arise. Information about food intolerance and/or allergies is collected to offer the best possible experience.
When providing us with information about food intolerance and/or allergies you consent to the processing of such information. Access to this information will be restricted and the information will only be used during the performance of the activity.
**Log in and using websites, apps or other digital services **
We use the information we collect about our customers' use of our digital services to develop and improve our products and services. For our digital services we use usage pattern information to determine how and what information, offers and promotions we show on our websites and what functions we develop and provide. We also use customer information to develop our holiday products to suit customer preferences and behavior, and to e.g. address problems or improve customer safety.
We mainly use anonymous or anonymized data on an aggregated level to analyze user behaviours. We may use personal data for these purposes if it is relevant.
We store your personal data only as long as it is needed to fulfil the purposes of the data collection and processing.
Information collected when you make a booking through MyHotel is stored for three (3) weeks. At that point the data is anonymized. We store anonymous user data to analyze and develop our product offering. Information about food intolerance and/or allergies is deleted.
Activities booked through MyHotel take place at the destination. This means that your personal data may be processed outside the EU/EEA. The data may also be processed by resort staff at the destination not employed directly by us. The data is only processed in our systems and in our express direction.
We use a number of IT services and IT systems in our business. Some of these systems process personal data. We take your integrity and the security of your personal data seriously during all such processing. Some systems are locally installed and only accessible by our staff. In these cases, no personal data is transferred to any third party. Some systems are cloud solutions or installed at a provider’s premises and require transferring personal data to a third party. In all such cases the provider is our data processor, acting on our behalf and in accordance with our instructions.
Internally we process personal data in our customer management system, our booking- and sales systems, our customer service system and in a system for data processing and optimization. These systems are required to provide you with the services you have requested from us and to provide customer care and support in conjunction with those services. Any personal data we collect may be processed in any or all of these systems.
We use external providers for profiling and user behavior analysis on our websites and for handling user feedback. These providers process personal data under a data processing agreement on our behalf. The data being processed is for the most part information collected by cookies which is processed on an anonymous and aggregated basis.
Your personal data is processed when it is necessary to fulfil a contract or legal obligation or when it is within our legitimate interest. Our legitimate interest is analyzing customer behaviors to improve our service and products and sharing information within our business group. The processing of information on food intolerance, allergies or other special categories of personal data is based on your consent. You can withdraw your consent at any time should you so wish by following the instructions given when you consented to the processing.
You have the right to demand that personal data about you is erased, amended or corrected. You also have the right to object to processing your personal data for specific purposes, such as direct marketing or profiling.
It is possible that the same information is being processed for multiple purposes, some of which require consent and some of which do not. This means that even if you do withdraw your consent and the consent-based processing is stopped, the information may still be retained and processed by us for other purposes that do not require your consent.
If you want to know what personal data we hold about you, you can apply for a record of your personal data using the contact information listed below. Such a record is provided on request free of charge once per year.
You can contact the Nordic Leisure Travel Group's data protection officer through this form, tel. +46 (0)8 5513060, e-mail DPO@nltg.com or regular mail sent to NLTG AB, Rålambsvägen 17, 105 20 Stockholm.
The tour operator (Ving, Spies or Tjäreborg) is the data controller for personal data collected and processed on this website. The tour operators are part of the Nordic Travel Leisure Group AB (NTLG). The tour operator and NTLG are joint data controllers for this personal data collection and processing. However, the tour operator is your point of contact for any issues or requests.
Personal data collected by the tour operator will be processed by NTLG for the same purposes.
If you have questions regarding your personal data during your holiday with us we kindly ask you to contact the reception at your resort.