Lyngen Lodge Privacy Policy
1 Introduction
Lyngen Arctic Adventures AS is committed to your privacy. We want your personal data to be private and secure. In this Privacy Policy, we explain:
- What personal data we collect and how
- The purpose of collecting data
- Your rights
- Disclosure of personal data to third parties, including subcontractors
- Security
Lyngen Arctic Adventures AS (hereinafter "we" or "us") is a Norwegian limited liability company. We promise to adhere to applicable Norwegian privacy law and meet the minimum requirements according to applicable laws and regulations within the EU/EEA, including the General Data Protection Regulation (GDPR), which came into force May 25, 2018. We will ensure that your privacy rights and our processing of your personal data are held to the highest standard.
We collect and process data as described in this Privacy Policy. It is important that you read this Privacy Policy thoroughly. We want you to be aware of your rights so you can help us become better. If you do not agree with the contents of this Privacy Policy, you should refrain from using our website, or booking any rooms or activities with us.
2 What personal data we collect and how
Users of our site and/or guests are required to register some personal data. We also use and store cookies that may contain personal data. Users can also choose to register optional personal data.
2.1 Personal data necessary to book rooms and activities with us:
- Name
- Gender
- Nationality
- Age
- Full address
- E-mail address
- Phone number
2.2 Special categories of personal data Special categories of personal data is information relating to:
- Racial or ethnic origin, or political opinions, philosophical or religious beliefs,
- The fact that a person has been suspected of, charged with, indicted for or convicted of a criminal act,
- Health,
- Sex life,
- Trade-union membership.
We do not collect special categories of personal data. However, upon booking certain activities, you may want to inform us about any special needs or allergies you might have.
2.3 Cookies Our website uses cookies. A cookie is a file, which is stored on your web browser for enabling our website to recognize the user's web browser each time you visit us and helps the user access a site faster and more efficiently. For more information about how cookies work, please be referred to www.allaboutcookies.org.
We use the following cookies on our website:
Google Analytics:
We gather statistics on how our website is use with the specific purpose of improving it. Google Analytics uses cookies that start with _ga. We have enabled the function "anonymizeIP", so that your IP-address is not stored on Google's servers.
3 Purpose and legal basis for processing
We collect, store and use personal data for several purposes:
To provide you with access to our website: We use personal data about you to be able to provide the website to you. The legal basis for this is the contract you entered into with us concerning the provision of the website.
To develop and improve the functionality of our website and related services: We want to provide you with the best possible experience. For this purpose, we use personal data that you have provided to us and that is generated while using the website to develop and improve the website and our service offerings. This is based on our legitimate interest in developing and improving the website and related service offerings.
To provide you with relevant marketing and promotions: We want the marketing you experience and the promotions you get to be as relevant as possible. For this purpose, we process personal data about you, and the legal basis for this processing is our legitimate interests in generating income from your bookings.
To ensure secure payments: We process personal data that you provide to us and that is generated from the use of payment cards to ensure that any payments you make to us are secure. This is based on the contract you entered into with us concerning the provision of the rooms and activities along with our legitimate interests in ensuring secure payment.
4 Disclosure of personal data to third parties, including subcontractors
We use subcontractors for processing personal data ("Sub-Processors") for the following purposes:
- Data storage
- Data analysis
- Marketing
We ensure that all Sub-Processors enter into written agreements, including (if pertinent) agreements authorizing transfers outside the EEA. Sub-Processors are imposed the same obligations as us in relation to this Privacy Policy. We will never sell, transfer or otherwise disclose personal data for other reasons than defined by this Privacy Policy unless required by law or with your consent. If we suspect criminal activity in connection with your use of our services, we may choose to disclose information to the police upon demand.
5 Your rights
Consent: If our data processing is based on your consent, you can withdraw your consent regarding our use of your personal data at any time. If you want to withdraw your consent, we will delete your account within reasonable time, unless we have another legal basis for further processing of the data.
Access: You can request access, free of charge, to the personal data we have collected about you at any time, unless such rights are restricted by law. You can also request information about how we collect personal data at any time.
Erase & rectify: If certain conditions are met, you can request that we erase (delete) and rectify any collected personal data concerning you.
Lodge a complaint: If you are not satisfied with the way we process your personal data, you have the right to lodge a complaint with the relevant supervisory authority (in Norway: Datatilsynet). However, we hope you will contact us first using the contact information below, regarding any issues you might have.
Other data protection rights: You may have other rights in personal data concerning you depending on your circumstances. Please contact us if you have further questions regarding your rights.
6 Security
We employ routines and measures ensuring that no unauthorized persons gain access to any of your personal data. These measures include both physical and logical measures, risk assessments, and routines for handling data and following up requests about access to and deletion of personal data.
7 How to get in touch
If you have any questions, suggestions or requests regarding the collection of personal data, please contact us at: info@lyngenlodge.com or by regular post to:
Lyngen Lodge Djupvik,
9146 Olderdalen
Norway