Personal data policy for the processing of guest, customer and supplier data
CHARLOTTEHAVEN A/S is controller.
The contact information of CHARLOTTEHAVEN A/S is:
Tel: +45 35271501
CHARLOTTEHAVEN A/S handles all personal data in accordance with current legislation on personal data.
CHARLOTTEHAVEN A/S agrees with guests, customers and suppliers on delivery – purchase and sale – of various services and products.
When a guest/customer orders and buys one or more of the services of CHARLOTTEHAVEN A/S and as part of this provides his/her personal data to CHARLOTTEHAVEN A/S, the guest/customer simultaneously consents to processing of his/her personal data by CHARLOTTEHAVEN A/S.
The same applies as regards any personal data that suppliers of CHARLOTTEHAVEN A/S provide to CHARLOTTEHAVEN A/S when they make an offer, quote a price or conclude an agreement with CHARLOTTEHAVEN A/S.
Collection of personal data by CHARLOTTEHAVEN A/S
Personal data is collected by CHARLOTTEHAVEN A/S in the following way:
When a guest/customer – or a representative of the guest/customer – chooses to obtain a quotation for and/or buy one of the services/products of CHARLOTTEHAVEN A/S or when a supplier makes an offer, quotes a price or sells products or services to CHARLOTTEHAVEN A/S
From B2B market
Via browser cookies and web beacons
In connection with use of the digital services of CHARLOTTEHAVEN A/S
In the case of participation in the customer/loyalty programme of CHARLOTTEHAVEN A/S and in the case of subscription to the newsletter of CHARLOTTEHAVEN A/S
From social media, advertising and market research firms and public registers
Via video and television surveillance
When suppliers conclude agreements with CHARLOTTEHAVEN A/S or make an offer or quote a price to CHARLOTTEHAVEN A/S
Collection and processing of personal data (see above) will always be in accordance with the current legislation on personal data.
Video surveillance, which is installed in all guest areas, is undertaken as a crime prevention measure and also functions as a measure to create safety and security for employees and guests.
Data collected by CHARLOTTEHAVEN A/S
CHARLOTTEHAVEN A/S collects the following personal data:
Name, address, telephone number, e-mail address, date of birth and other general personal data that is not sensitive personal data
Payment card information – typically as a guarantee for a reservation, for payment of stays and registration for payment via PBS
Purchase history including also the use of digital services
The use of the customer/loyalty programme of CHARLOTTEHAVEN A/S
Information from the customer surveys of CHARLOTTEHAVEN A/S
Information from any competitions offered
Information from the social media of CHARLOTTEHAVEN A/S and other digital platforms that belong to CHARLOTTEHAVEN A/S
Information on the undertaking of the guest/customer and relevant contacts
Information on the undertaking of suppliers as well as information on relevant contacts and key personnel, including key accounts
A guest/customer/supplier can voluntarily and at his/her own option give CHARLOTTEHAVEN A/S additional personal data that he/she believes may be of importance to servicing of the guest/customer/supplier by CHARLOTTEHAVEN A/S or which the person concerned believes should be given for security reasons.
This may, for example, be information about:
Special food preferences
Other health and medicine information
If a guest/customer/supplier chooses to provide such data voluntarily and at his/her own option, CHARLOTTEHAVEN A/S regards this as consent to registering and storing such sensitive data on the person concerned.
In addition to the information that CHARLOTTEHAVEN A/S receives direct from guests/customers/suppliers, CHARLOTTEHAVEN A/S will in some cases obtain or process additional data that CHARLOTTEHAVEN A/S has received from third parties, e.g. a travel agency or another intermediary or an employee of the undertaking in which the data subject is employed.
Where this is the case, the third party in question is obliged to inform the guests/customers/suppliers in question of the terms and conditions of CHARLOTTEHAVEN A/S as well as the personal data policy of CHARLOTTEHAVEN A/S. It is also the responsibility of the third party in question to ensure that the necessary legal basis exists for collection and processing of the data in question, including obtaining any necessary consent to process any sensitive data.
Payment by payment cards
CHARLOTTEHAVEN A/S uses DIBS www.dibs.dk (Nets), for acquiring of payments by payment and credit cards. DIBS and CHARLOTTEHAVEN A/S are approved and certified by Pengeinstitutternes Betalingssystem (www.pbs.dk).
In connection with orders and bookings, CHARLOTTEHAVEN A/S stores the data that the guest/customer/supplier has provided for up to 3 months after which the data is deleted.
Apart from being used for handling of the order, the data provided is used solely if a guest/customer/supplier has questions or if there is an error in relation to the order.
What is the purpose of collection and processing?
CHARLOTTEHAVEN A/S collects only personal data that is necessary to perform the agreements that are concluded with guests/customers/suppliers concerning provision of services, e.g. an overnight stay, or purchase/sale of products or services.
It is the content of the individual agreement/the nature of the individual service that is the criterion for the personal data collected and processed by CHARLOTTEHAVEN A/S and which is the criterion for the purpose of collecting the data.
The purpose of collection and processing of personal data will primarily be:
Processing of the bookings by guests/customers and their purchase of services provided by CHARLOTTEHAVEN A/S
Processing of offers of or quotations for products and services from suppliers and sale of products or services by suppliers
Contact with the gu est/customer before, during and after his/her stay
Compliance with the request of the guest/customer for a quotation for or purchase of services
Improvement and development of the services of CHARLOTTEHAVEN A/S
Tailoring the marketing and other communication of CHARLOTTEHAVEN A/S
Analysis of the user behaviour of guests/customers/suppliers and marketing in relation to these
Tailoring the communication and marketing of the business partners of CHARLOTTEHAVEN A/S in relation to guests/customers/suppliers
Administration of the relation of guests/customers/suppliers to CHARLOTTEHAVEN A/S, including participation in the customer/loyalty programme of CHARLOTTEHAVEN A/S
Compliance with statutory requirements, e.g. requirements to register overnight guests in accordance with the legislation on aliens and the executive order on passports
Authority - the legal basis - for processing
CHARLOTTEHAVEN A/S will most often process personal data because it is necessary to perform an agreement with CHARLOTTEHAVEN A/S to which you as a guest/customer or a supplier is a party. It may be for example in connection with a hotel stay, the holding of a meeting, a café visit, fitness and/or handling and performance of collaboration and supplier agreements.
In addition to this, CHARLOTTEHAVEN A/S will process personal data in connection with booking prior to an overnight stay, the holding of meetings, parties, conferences, the café etc. and prior to the conclusion of supplier agreements.
In some instances, the processing of personal data by CHARLOTTEHAVEN A/S will be carried out as an element in CHARLOTTEHAVEN A/S pursuing a legitimate/objective interest that takes precedence over the interests of the guest/customer/supplier (the data subject).
Such a legitimate interest may be for example preparation of statistics, customer surveys, marketing and analysis of the general behaviour of guests/customers the intention of which is to generally improve the experience at CHARLOTTEHAVEN A/S and the quality of the services and products of CHARLOTTEHAVEN A/S.
If in connection with his/her stay/visit at CHARLOTTEHAVEN A/S, a guest/customer provides information on special personal preferences or things to be considered, including for example health information, disabilities, religious belief or the like, CHARLOTTEHAVEN A/S uses the data only to ensure that allowance is made for the personal preferences, health etc. of the guest/customer.
In a number of situations, CHARLOTTEHAVEN A/S receives personal data from a third party, e.g. a travel agency, an agent or the like for example in connection with group bookings. When this happens, the third party concerned is under instructions to inform the guests/customers/suppliers in question of the terms and conditions of CHARLOTTEHAVEN A/S and the content of the personal data policy of CHARLOTTEHAVEN A/S.
In addition to this, CHARLOTTEHAVEN A/S is by law (see above in clause 5) obliged to record various kinds of information about overnight guests. This information is stored for at least one year and at most two years.
Rights of the data subject
According to the rules of the personal data regulation, the data subjects (customers/guests/suppliers) have various rights.
A data subject has at any time the right to obtain access to the personal data processed by CHARLOTTEHAVEN A/S on the data subject
A data subject has at any time the right to have the personal data that CHARLOTTEHAVEN A/S has on the data subject rectified and updated.
A data subject has at any time the right to have personal data that CHARLOTTEHAVEN A/S has on the data subject deleted. If a data subject requests erasure, all the data that CHARLOTTEHAVEN A/S is not obliged to keep according to legislation is deleted. Erasure of the data of the data subject can in some cases mean that CHARLOTTEHAVEN A/S cannot perform agreements concluded or provide specific services to the data subject.
If a part of the data that CHARLOTTEHAVEN A/S has on the data subject was given on the basis of the consent of the data subject, the data subject is entitled to withdraw the consent at any time, which means that the data is deleted or is no longer used by CHARLOTTEHAVEN A/S. This does not apply to data that CHARLOTTEHAVEN A/S is statutorily obliged to keep.
The possibility of requesting erasure etc. may be limited, however, in the interests of the protection of the privacy of other persons, trade secrets and intellectual property rights as well as for example in the interests of the possibility of enforcing potential legal claims.
The data subject can at any time request CHARLOTTEHAVEN A/S in writing to receive a list of and a copy of the personal data on the data subject of which CHARLOTTEHAVEN A/S is in possession.
A written request for this must be signed by the data subject and must contain the name, address, telephone number and e-mail address of the data subject.
The data subject can also contact CHARLOTTEHAVEN A/S if the data subject is of the opinion that his/her personal data is processed contrary to legislation or contrary to other legal obligations, e.g. the agreement/contract that the data subject has with CHARLOTTEHAVEN A/S.
A written request is to be sent to CHARLOTTEHAVEN A/S, se contact information above in clause 1.
As far as possible, CHARLOTTEHAVEN A/S will send this to the postal address of the data subject within 1 month after receipt of the written request of the data subject.
If the data subject requests a correction and/or erasure of his/her personal data, CHARLOTTEHAVEN A/S will assess whether the conditions for the request have been met and CHARLOTTEHAVEN A/S will in that case change or delete the data as soon as possible.
CHARLOTTEHAVEN A/S reserves its right to reject requests that are in the nature of unfair repetition or which require disproportionate technical measures (e.g. development of a new IT system) or which affect the protection of the personal data of other data subjects or in other situations where it will require a disproportionate number of measures or will be very complicated to comply with the request.
Security and sharing of personal data
CHARLOTTEHAVEN A/S protects the personal data of the data subject and has laid down guidelines that protect the personal data of the data subject against unauthorised publication and against unauthorised persons getting access to or obtaining knowledge of the personal data.
Only the persons/employees at CHARLOTTEHAVEN A/S who need the personal data of the data subjects by virtue of their job function have access to the data.
CHARLOTTEHAVEN A/S checks on an ongoing basis that unauthorised access to the personal data of the data subjects does not occur.
CHARLOTTEHAVEN A/S backs up the personal data of the data subject on an ongoing basis.
In the case of a breach of security where there is a high risk of abuse of the personal data of the data subjects, including e.g. identity theft, financial loss, loss of reputation or other kinds of abuse, CHARLOTTEHAVEN A/S will notify the data subjects of the breach of security as soon as possible.
The security procedures of CHARLOTTEHAVEN A/S are reassessed and updated on an ongoing basis in relation to the technological development.
CHARLOTTEHAVEN A/S engages a number of external suppliers of IT services, IT systems, payment solutions etc.
CHARLOTTEHAVEN A/S concludes data processing agreements with all the suppliers of CHARLOTTEHAVEN A/S on an ongoing basis whereby it is ensured also in relation to external processors that they maintain a necessary and high protection level as regards the personal data of the data subjects.
In a number of cases, CHARLOTTEHAVEN A/S is statutorily obliged to disclose personal data or obliged to do so as a result of a decision from a public authority.
CHARLOTTEHAVEN A/S deletes your personal data when the statutory obligation of CHARLOTTEHAVEN A/S ends or when the purpose of collecting and processing the data no longer exists. All personal data is deleted after 24 months if the customer/guest/supplier has not been active.
Complaints about processing of personal data by CHARLOTTEHAVEN A/S can be submitted to the Danish Data Protection Agency, BORGERGADE 28, 5, DK-1300 COPENHAGEN K, TELEPHONE +45 3319 3200 - E-MAIL email@example.com