Privacy policy

Data protection privacy policy for processing guest, customer and supplier information*

* This is a Danish to English translation. In the event of any discrepancies between the two versions, the Danish version shall prevail.

1. Information systems manager

KolleKolle Hotel & Konferencecenter is the information systems manager.

KolleKolle Hotel & Konferencecenter’s contact information is:
Frederiksborgvej 105, 3500 Værløse, Denmark
e-mail: info@kollekolle.dk, tel.: +45 44984222

KolleKolle Hotel & Konferencecenter processes personal information in accordance with applicable personal data processing laws.

KolleKolle Hotel & Konferencecenter enters into an agreement with guests, customers and suppliers on the delivery – purchase and sale – of various services and products.

When a guest/customer orders or purchases one or more of KolleKolle Hotel & Konferencecenter’s services, and as a result, sends his or her personal information to KolleKolle Hotel & Konferencecenter, the company processes the personal information to fulfil the agreement with the guest/customer.

The same applies to any personal information suppliers for KolleKolle Hotel & Konferencecenter give to KolleKolle Hotel & Konferencecenter when submitting quotes or when entering into agreements with KolleKolle Hotel & Konferencecenter.

2. KolleKolle Hotel & Konferencecenter’s collection of personal information

Personal information is collected by KolleKolle Hotel & Konferencecenter in the following ways:

• When a guest/customer – or a representative of them – chooses to acquire and/or purchase one of KolleKolle Hotel & Konferencecenter’s services/products, or when a supplier submits a quote or sells products or services to KolleKolle Hotel & Konferencecenter.
• From the B2B market.
• Through browser cookies and web beacons.
• In connection with the use of KolleKolle Hotel & Konferencecenter digital services.
• Participation in the KolleKolle Hotel & Konferencecenter customer/loyalty programme and KolleKolle Hotel & Konferencecenter newsletter subscriptions.

• From social media, advertising and analysis providers, and public registries.
• Via video and TV surveillance.
• When suppliers enter into agreements with KolleKolle Hotel & Konferencecenter or submit quotes to KolleKolle Hotel & Konferencecenter.

The collection and processing of personal data, cf. the above, will always be carried out in accordance with applicable personal data processing laws.

Video surveillance that is set up in/by [insert the place where video surveillance is required] occurs as part of crime prevention and serves as a security enhancing measure for employees and guests.

3. Information collected by KolleKolle Hotel & Konferencecenter

KolleKolle Hotel & Konferencecenter collects the following personal information:

• Name, address, telephone number, e-mail address, date of birth and other common, sensitive personal data.
• Payment card details – typically to guarantee a reservation and to pay for a stay.
• Demographic information.
• Purchasing history, including use of the KolleKolle Hotel & Konferencecenter app and/or other digital services.
• Use of the KolleKolle Hotel & Konferencecenter customer/loyalty programme.
• Information from KolleKolle Hotel & Konferencecenter customer surveys.
• Information from competitions.
• Information from KolleKolle Hotel & Konferencecenter’s social media and other digital platforms belonging to KolleKolle Hotel & Konferencecenter.
• Browser information.
• Information about the guest/customer’s company and relevant contact people.
• Information about the suppliers’ business, and information about the relevant contact people and key individuals, including key accounts.

A guest/customer/supplier can, voluntarily and of their choice, give KolleKolle Hotel & Konferencecenter additional personal information that they believe can affect KolleKolle Hotel & Konferencecenter’s service of the guest/customer/supplier, or that the individual in question believes ought to be given.
This can include information about, for example:
• Handicaps
• Allergies
• Special food preferences
• Religious beliefs
• Other health and medical information

If a guest/customer/supplier or his or her representative voluntarily and at one’s own choice decides to disclose this type of information, then KolleKolle Hotel & Konferencecenter interprets this as the consent to register and store this sensitive information about the person in question.

In addition to the information that KolleKolle Hotel & Konferencecenter receives directly from guests/customers/suppliers, KolleKolle Hotel & Konferencecenter will in some cases collect and process additional information that KolleKolle Hotel & Konferencecenter has received from a third party, e.g. a travel agency, another intermediary or from someone employed at the company where the registered individual works.

When this is the case the third party in question is obliged to inform the relevant guests/customers/suppliers about KolleKolle Hotel & Konferencecenter’s terms and conditions as well as about KolleKolle Hotel & Konferencecenter’s data protection privacy policy. It is also the responsibility of the third party concerned to ensure that there is the necessary legal basis for collecting and processing the information in question, including collecting any necessary consent to process any sensitive information.

4. Payment by payment card

KolleKolle Hotel & Konferencecenter uses DIBS www.dibs.dk (Nets) to redeem payments made with debit and credit cards. DIBS and KolleKolle Hotel & Konferencecenter are approved and certified by Pengeinstitutternes Betalingssystem (www.pbs.dk).

For reservations and bookings, KolleKolle Hotel & Konferencecenter saves the information that the guest/customer/supplier has provided for two years, at which point the information is deleted.

In addition to handling the order, the information provided is used only if a guest/customer/supplier, for example, asks if there are errors in the order.

5. Purpose of the collection and processing

KolleKolle Hotel & Konferencecenter only collects personal information that is necessary to meet the agreements entered into with guests/customers/suppliers regarding the provision of services, for instance, overnight stays or the purchase/sale of products or services.
The nature of each individual agreement determines which personal information KolleKolle Hotel & Konferencecenter collects and processes, and also determines the purpose of the collection.

The purpose of collecting and processing personal information will primarily be to:

• Process guests/customer’s booking and purchase of KolleKolle Hotel & Konferencecenter’s services
• Process supplier quotes for – and sale of – products and services
• Contact guests/customers before, during and after their stay
• Fulfil guest/customer requests regarding offers or the purchase of services
• Improve and develop KolleKolle Hotel & Konferencecenter’s services
• Tailor KolleKolle Hotel & Konferencecenter’s marketing and other communication
• Analyse the behaviour of guests/customers/suppliers and marketing directed at them
• Tailor the communication and marketing of KolleKolle Hotel & Konferencecenter’s partners to guests/customers/suppliers
• Administrate the guest/customer/supplier relationship to KolleKolle Hotel & Konferencecenter, including any participation in KolleKolle Hotel & Konferencecenter’s customer/loyalty programmes
• Comply with legal requirements on, for instance, the registration of overnight guests according to immigration law and passport regulations

6. The capacity – legal basis – for processing

KolleKolle Hotel & Konferencecenter usually processes personal information because this is necessary to fulfil agreements with KolleKolle Hotel & Konferencecenter that guests/customers or suppliers are part of. This occurs, for instance, in connection with a hotel stay, holding meetings and/or managing and living up to partner and supplier agreements, cf. item 6.1.b.

KolleKolle Hotel & Konferencecenter also processes personal information for bookings prior to, e.g. overnight stays, meetings, parties and conferences, as well as prior to entering into supplier agreements.

In some cases KolleKolle Hotel & Konferencecenter’s processing of personal information occurs because KolleKolle Hotel & Konferencecenter is pursuing a legitimate / relevant interest that overrides the interests of the guest/customer/suppliers’ (the registered party) interests, cf. item 6.1.f.

Some examples of a legitimate interest include the drawing up of statistics, customer surveys, marketing and analysis of general guest/customer behaviour that aim to improve their experience at KolleKolle Hotel & Konferencecenter, and the quality of KolleKolle Hotel & Konferencecenter’s services and products.

If a guest/customer expresses any special personal preferences or considerations during a stay/visit at KolleKolle Hotel & Konferencecenter that must be taken into consideration, for example health conditions, disabilities, religious beliefs or the like, KolleKolle Hotel & Konferencecenter exclusively uses this information to ensure that the guest/customer’s personal preferences, health etc. are taken into account.

In addition, personal information is collected and processed with consent in connection with, for instance customer surveys and newsletters, cf. item 6.1.a.

In some situations, KolleKolle Hotel & Konferencecenter receives personal information from a third party, for example a travel agency, an agent or similar, for example in connection with group bookings. When this occurs, the third party is required to inform the relevant guests/customers/suppliers about KolleKolle Hotel & Konferencecenter’s terms and conditions and the content of the data protection privacy policy.

KolleKolle Hotel & Konferencecenter is also, by law, cf. above under item 5, required to register a variety of information on overnight guests. This information must be stored for at least one year and not more than two years, cf. item 6.1.c.

7. Rights of registered parties

According to the rules of the General Data Protection Regulation, the registered party (guests/customers/suppliers) has various rights. A registered party is entitled at any time to:

• Access the personal information KolleKolle Hotel & Konferencecenter processes about the registered party
• Correct and update the personal information that KolleKolle Hotel & Konferencecenter has on the registered party
• Have the personal information deleted that KolleKolle Hotel & Konferencecenter possesses on the registered party. If the registered party requests that information be deleted, then all of the information that KolleKolle Hotel & Konferencecenter is not legally required to save will be deleted. Deletion of the registered party’s information can, in some instances, mean that KolleKolle Hotel & Konferencecenter will be unable to honour agreements entered into or provide certain services to the registered party.

If any of the information that KolleKolle Hotel & Konferencecenter possesses on the registered party was provided based on the registered party’s consent, then the registered party has every right to withdraw the consent, which means that the information will be deleted and no longer used by KolleKolle Hotel & Konferencecenter. This does not apply to information, cf. above, that KolleKolle Hotel & Konferencecenter is legally required to store.

The opportunity to request a deletion etc., however, can be limited to protect the privacy of other parties, business secrets and intellectual property rights, as well as, for example, in the interest of having the possibility to enforce or defend itself against potential legal claims.

The registered party can at any time request, in writing, that KolleKolle Hotel & Konferencecenter provide an overview or copy of the personal information about the registered party that KolleKolle Hotel & Konferencecenter is in possession of.

A written request must be signed by the registered party and contain the party’s name, address, phone number and email address.

The registered party can also contact KolleKolle Hotel & Konferencecenter, if the party believes that their personal data is being treated in violation of the law or contrary to other legal obligations, such as the agreement/contract that the registered party has with KolleKolle Hotel & Konferencecenter.

Written requests must be sent to KolleKolle Hotel & Konferencecenter; see contact information above under item 1.

KolleKolle Hotel & Konferencecenter will, to the extent possible, within one month of receiving the registered party’s written request, send this to the registered party’s postal address.

If the registered party requests a correction and/or deletion of their personal information, KolleKolle Hotel & Konferencecenter will assess whether the conditions for the request have been met and KolleKolle Hotel & Konferencecenter will then execute the changes or deletion as quickly as possible.

The registered party can at any time withdraw their consent by sending an email to: info@kollekolle.dk, or by sending a letter to the address listed under item 1.

KolleKolle Hotel & Konferencecenter reserves the right to deny a request if it resembles ongoing harassment or requires disproportionate technical measures (e.g. the development of a new IT system), or that affects the protection of other registered parties’ personal information, or in other situations where it would be disproportionately resource intensive or exceedingly difficult to fulfil the request.

8. Security and sharing of personal information

KolleKolle Hotel & Konferencecenter protects the registered party’s personal information and has established guidelines that protect the registered party’s personal information against unauthorised disclosure and against unauthorised individuals from gaining access to or knowledge of it.

Only the individuals/staff at KolleKolle Hotel & Konferencecenter who are required to have access to the registered party’s personal information due to their job function have access to it.

KolleKolle Hotel & Konferencecenter continuously checks that unauthorised access to the personal information of registered parties does not occur.

KolleKolle Hotel & Konferencecenter regularly does a backup of the registered party’s personal information.

In the event of a security breach with a high risk of misuse of the registered party’s personal information, including, for example identity theft, economic loss, loss of reputation or other forms of abuse, KolleKolle Hotel & Konferencecenter will notify the registered party of the security breach as quickly as possible.

KolleKolle Hotel & Konferencecenter’s security procedures are reviewed on an ongoing basis and updated in relation to technological developments.

KolleKolle Hotel & Konferencecenter uses a number of external suppliers of, e.g. IT services, IT systems and payment solutions.

KolleKolle Hotel & Konferencecenter enters into data processing agreements on an ongoing basis with all of KolleKolle Hotel & Konferencecenter data processing units, where it is also ensured that external data processing units maintain the necessary high level of protection regarding the registered party’s personal information.

In order to meet agreements with registered parties and to meet the needs of guests and customers, KolleKolle Hotel & Konferencecenter shares selected personal information with external suppliers, such as restaurants and hotels. This occurs if the hotel is overbooked, the guest requests a reservation at a restaurant or when a partner is booked, for instance, for a team building activity.

KolleKolle Hotel & Konferencecenter shares and discloses personal information internally within the group, including with sister companies. The purpose of sharing is to be able to give guests/customers the best possible attention and service, regardless of which hotel or department in the Danish Agriculture and Food Council’s group that guests/customers select.

KolleKolle Hotel & Konferencecenter is in some cases legally obliged to disclose personal data, or to do so as a result of a decision made by a public authority.

KolleKolle Hotel & Konferencecenter will delete your personal information when KolleKolle Hotel & Konferencecenter’s legal obligation ends or when the purpose of collecting and processing the information is no longer present. In general , financial data is stored for five years and other data for two years from the date of the last visit.

9. Cookies

KolleKolle Hotel & Konferencecenter uses cookies. Additional information about KolleKolle Hotel & Konferencecenter’s cookie policy can be found here: cookie-policy 

10. Complaints

Complaints concerning KolleKolle Hotel & Konferencecenter’s processing of personal information can be submitted to the Danish Data Protection Agency, BORGERGADE 28, 5, 1300 COPENHAGEN K, DENMARK, TELEPHONE: +45 3319 3200, E-MAIL: dt@datatilsynet.dk

11. Updating

This document will be updated regularly.

Last update: 29 May 2018

*This is a Danish to English translation. In the event of any discrepancies between the two versions, the Danish version shall prevail.