Effective Date: 20.01.2025
Breeze Hotels AS is committed to protecting your personal data and respecting your privacy. This policy outlines how we collect, use, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
1. Data Controller
Breeze Hotels AS
Organization Number: 934 663 780
Address: Kong Oscars gate 22, 5017 Bergen, Norway
Contact Email: [Insert Contact Email]
2. Personal Data We Collect
We may collect the following categories of personal data:
• Contact Information: Name, email address, phone number, and address.
• Booking Information: Reservation details, payment methods, and special requests.
• Identification Data: Passport or ID details for check-in purposes.
• Technical Data: IP address, browser type, and usage data from our website.
• Preferences: Room preferences, dietary requirements, or accessibility needs.
3. How We Use Your Data
We process your personal data for the following purposes:
• To manage your bookings and provide hotel services.
• To communicate with you about your reservations.
• To comply with legal obligations (e.g., guest registration laws).
• To enhance your guest experience by understanding your preferences.
• To send marketing communications (with your consent).
• To improve our website and services.
4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
• Contractual Necessity: For managing reservations and providing requested services.
• Legal Obligations: Compliance with local laws and regulations.
• Legitimate Interests: For operational improvements and security.
• Consent: For marketing communications or optional services.
5. Data Sharing
We may share your personal data with:
• Service providers (e.g., payment processors, IT support, and marketing agencies).
• Authorities, when required by law or regulations.
• Other parties, only with your explicit consent.
All third parties are contractually obligated to handle your data securely and in compliance with GDPR.
6. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law. Reservation records are typically kept for a minimum of 7 years to comply with accounting regulations.
7. Your Rights
Under GDPR, you have the following rights regarding your personal data:
• Right to Access: Request access to your personal data.
• Right to Rectification: Correct any inaccuracies in your personal data.
• Right to Erasure: Request deletion of your data where applicable.
• Right to Restrict Processing: Limit the use of your data in certain circumstances.
• Right to Data Portability: Receive your data in a machine-readable format.
• Right to Object: Object to processing for marketing or legitimate interests.
• Right to Withdraw Consent: Withdraw consent for specific processing activities.
To exercise your rights, please contact us at [Insert Contact Email].
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted storage, secure data transmission, and restricted access to authorized personnel only.
9. International Data Transfers
If your data is transferred outside the European Economic Area (EEA), we ensure that adequate safeguards are in place, such as Standard Contractual Clauses or equivalent mechanisms, to protect your data.
10. Cookies
Our website uses cookies to enhance your browsing experience, analyze website traffic, and provide tailored content. Cookies are small text files stored on your device when you visit our site. By using our website, you consent to the use of cookies as outlined in this policy.
You can manage or disable cookies through your browser settings. Please note that disabling cookies may affect the functionality of our website. For more information, refer to our [Cookie Policy].
11. Complaints
If you believe that we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet).
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be available on our website, and we encourage you to review it regularly.
For further questions or concerns about this Privacy Policy, please contact us at [Insert Contact Email]