Privacy policy for HEIMR collection

HEIMR processes your personal data in various contexts, such as when you order services from us, stay at our hotels, eat at our restaurants, use the services we provide and in certain other contexts. In this privacy policy you will find information about how we process personal data and contact information if you have questions or want to request access.

We process your personal data in accordance with the current Norwegian Personal Data Act (GDPR).

DATA CONTROLLER FOR PERSONAL DATA

Our company HEIMR, org. no. 918 165 150, Dronning Mauds gate 1, 0250 Oslo, e-mail post@heimr.com is the data controller for the processing of personal data in our central system for booking and invoicing, the website www.heimr.com. HEIMR is also the data controller for our marketing and sending of emails to our customers and contacts, as well as other digital marketing.

PROCESSING OF PERSONAL DATA RELATED TO BOOKING AND STAYS

When you book a hotel stay with us, we process your reservation and booking information. This includes information about the room type, hotel, prices and dates of your booking. In addition, we process information about additional services such as room upgrades and products you purchase, and any comments you leave in the comments field regarding any medical needs or dietary requests you have.

This is to be able to fulfill the agreement on booking and purchase of services. This is information that you have given us directly or that you have given us via a travel agency or agent. We process this information for as long as it is necessary to fulfill the booking agreement with you and, in addition, for as long as applicable laws or government regulations require us to do so.

PROCESSING OF PERSONAL DATA IN THE USER ACCOUNT

You have the opportunity to create a user account on our website. Here you can choose to register your name, address, interests and other information so that subsequent ordering processes can be simplified. This information is collected from you. The information you provide will be stored together with booking data and purchase history. We will use this information to customize the website and app to your needs and will also use the information to customize your hotel stay with us. The basis for our use of the information is to fulfill agreements with you.

PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES

If you sign up for our newsletters, we will store and use your email address to send you news and offers from us. We will also use your e-mail address or telephone number to send you news and offers within the rules of existing customer relationships. Our basis is marketing legislation. You can at any time withdraw the consent you have given us or opt out of receiving marketing in existing customer relationships. You can do this by sending us an e-mail to post@heimr.com

PROCESSING OF PERSONAL DATA FOR DEVELOPMENT, TROUBLESHOOTING AND SECURITY PURPOSES

We will process data that includes personal data to troubleshoot and correct errors, improve our services and the technology we use and to analyze usage and user behavior. Furthermore, we will process personal data to verify your identity, including verifying identity in connection with your use of our digital services. We anonymize data or compile statistics as far as possible, but may also process personal data for development, troubleshooting, statistical and security purposes.

PROCESSING OF PERSONAL DATA IN GENERAL

In the case of competitions or other activities that you can participate in, we will process personal data such as name and contact information when this is necessary, for example, to register who participates, and then draw one or more winners. As far as possible, we will provide specific information about this when you participate in competitions or other activities.

If you contact our customer service or otherwise contact us with inquiries, we will process the personal data you provide to the extent necessary to respond to and log your inquiry. The basis for this is legitimate interests or to fulfill agreements with you or respond to your inquiries.

In addition to the processing described in our privacy policy or based on your consent, we will in some cases have to or be able to process personal data when applicable legislation, including the Personal Data Act and the GDPR, valid government orders or court orders require or allow us to do so.

PROCESSING OF PERSONAL DATA ABOUT OUR SUPPLIERS, BUSINESS CUSTOMERS AND BUSINESS CONTACTS

We process data about contact persons at our suppliers, business customers, partners, participants at our events aimed at the business community and other persons acting in a business capacity. We do this in order to work efficiently, enter into and enforce contracts, run our business and develop our business and professional network. Such information typically consists of name, contact information, position, company, expertise, business interests and participation in our events for the business community or previously shown interest in us and our employees.

We store such information for as long as we consider the person to be a business contact with us.

The basis for this is legitimate interests.

DISCLOSURE OF PERSONAL DATA AND STATUTORY PROCESSING

We do not disclose your personal data to third parties unless you have consented to this, or unless applicable legislation, including the Personal Data Act and GDPR, a valid government order or a court permits or requires us to do so.

For the sake of clarity, we inform you that our use of a data processor to process information on our behalf is not considered disclosure.

DISCLOSURE OF INFORMATION TO THIRD PARTIES

We may share your personal data with third parties for the following purposes:

In order to process your reservations and bookings, and complete your travel arrangements and purchases, we need to share your personal data with our hotels, and other companies involved in assisting with your travel arrangements.

We use third parties to provide our services, such as IT providers, social network providers, marketing agencies, credit and debit card companies and fraud control service providers. All such third parties must have adequate protection for your personal data and only process it in accordance with our instructions.

COLLECTION OF PERSONAL DATA FROM OTHERS

To ensure that we have the correct information about you, we may check your information against other sources such as telephone directories, population registers and the like. In some cases, it may be relevant to credit check our course and conference customers, which means collecting credit data from other sources. We collect demographic information such as age, gender and language from other sources. We collect information from our partners when this is legal and necessary for the delivery of services and communication to you.

TRANSFERS TO FOREIGN COUNTRIES

We use several data processors in order to deliver our services to you. Our largest data processor is our booking system Sabre Hospitality Solutions, which is a global provider of hotel bookings.

This means that personal data relating to accommodation bookings is processed in the USA. Disclosure to the United States is based on the EU's model agreement for transfer from us as a data controller in Europe to a data processor in the United States.

COOKIES

We use cookies to improve the user experience of our website.

A cookie is a small text-based data file that is placed on your equipment (your smartphone, computer or tablet, for example). The cookie helps to recognize the type of content and pages visited on our website. Information stored using a cookie may include how you use the website, what type of browser you use and which web pages you have visited.

A permanent cookie remains on your device for a specific period of time. A session cookie is stored randomly in your device's memory while you are on our websites. The session cookie disappears when you close your browser. We use both permanent cookies and session cookies. De Historiske may also use third-party cookies.

If you do not want our website to place cookies on your equipment, you can turn off cookies in your browser. If you disable cookies, the functionality of our website will be reduced.

HOW IS THE INFORMATION STORED?

Information collected through our website, email, benefits club and mobile app is stored in our booking system Synxis, our CRM system Hubspot, and our marketing automation system used for automated marketing communication.

Your personal data will be retained for as long as it is necessary for the purposes described in this Privacy Policy or as long as it is necessary to comply with legal obligations and to resolve any disputes.

YOUR RIGHTS

As an individual, you have several rights under the personal data regulations.

You have the right to demand access, rectification or deletion of the personal data we process about you. You also have the right to demand limited processing, object to the processing and demand the right to data portability.

If you would like access to our processing of your personal data, you can send us an e-mail to post@heimr.com. We will respond to your inquiry as soon as possible, and no later than within 30 days.

We will ask you to confirm your identity or provide additional information before we allow you to exercise your rights with us. We need to do this to ensure that we only give access to your personal data to you - and not someone pretending to be you.

If you believe that our processing of personal data does not comply with what we have described here or that we are otherwise in breach of data protection legislation, you may alternatively complain to the Norwegian Data Protection Authority in Norway, or the supervisory authority in the country in which you are staying at a hotel. You can find information on how to contact the Data Protection Authority on the Data Protection Authority's website www.datatilsynet.no.

CHANGES IN PRIVACY POLICY OR IN PROCESSING

We work continuously to develop and improve our services to our customers. This may change the manner or scope of our processing of personal data. The information we provide through this privacy policy will therefore be adjusted and updated at regular intervals. We will also change the privacy policy when new rules or government practices make it necessary.

CONTACT INFORMATION

HEIMR Collection

E-mail: post@heimr.com

Visiting address: Stortingsgata 22, 0250 Oslo

Postal address: Dronning Mauds gate 1, 0250 Oslo