We at THE THIEF handle your personal information in different contexts, such as when you book our services, stay overnight at our hotels, use services we provide and also in some other contexts. In our privacy statement, you will find more information about our processing of personal data. Below you will also find contact information if you have questions or require access.
We process your personal information in accordance with the current local personal information act, hereinafter GDPR.
2. Processor for your personal information
Our company THE THIEF Hotel AS org. nr. 895716782, Postboks 200 Økern, 0510 Oslo tel. +47 24 00 40 00, e-post firstname.lastname@example.org is responsible for processing personal information in our booking, billing and hotel management systems. We are also the processor for our marketing and mailing of emails to our customers and contacts.
3. Processing of personal information related to booking and stay
In connection with any bookings made by you or by others on your behalf, we process the personal information we need to fulfil the agreement on booking and purchasing services. This is information you have provided us with directly or that you have given us through a travel agency or agent. We process information about things such as your identity, your contact information, and your payment information. In some cases, we will save your passport number. In addition, we handle other information you may have given us and which is relevant to your stay with us. This may be information about allergies or about special requests for your stay. We register all purchases and orders you make with us such as spa, restaurant, room service etc, to be able to provide such services and to pay for them.
We process this information as long as it is necessary for fulfilling the booking agreement with you, and as long as applicable laws or regulations require us to do so.
We log in using key cards in our hotel. We do this to counteract and solve crime, and for security, including fire safety. We save the logs for 21 days.
4. Processing of personal data for marketing purposes
If you sign up for our newsletter, we will save and use your email address to send you news and offers.
We will also use your email address or phone number to send you news and offers within existing customer relationship rules. Our basis is the marketing legislation.
We will contact you via social media with your consent or within existing customer relationships. In order to use social media as a communication channel, we need to give out your email address or social networking number. Our basis for this is consent or legitimate interests.
You can withdraw any consent you have given us at any time. You can also reserve the right to consent to receiving marketing in existing customer relationships. To do this, send an email to email@example.com.
5. Processing of personal data for development, troubleshooting and security
We will process data that includes personal information for troubleshooting and correcting errors, improving our services and technology we use, and analysing usage and user behaviour. Furthermore, we will process personal information to verify your identity, including verifying your identity in connection with your use of our digital services.
We anonymise data and create statistics as far as possible, but will also need to process personal data for development, troubleshooting, statistical and security purposes.
6. Processing of personal information in other cases
If you contact our customer service or otherwise address us with requests, we will process personal information you provide as far as is necessary to be able to answer and log your inquiry. The basis for this is legitimate interests or fulfilling agreements with you or answering your inquiries.
In addition to the treatment described in our privacy statement or based on your consent, we may or may not process personal data when the applicable law, including the Personal Information Act and the GDPR, valid government order or court requires us or allows us to do so.
7. Disclosure of personal data and statutory treatment.
We will not disclose your personal information to third parties unless you have consented to this, or unless applicable law, including the Personal Data Act and GDPR, valid government orders or courts allow us or require us to do so.
For the record, we wish to state that our use of data processors to process information on behalf of us is not considered disclosure.
8. Your rights
You as a private person have more rights under the new personal information act.
You have the right to request access, rectification or erasure of any personal information we are processing about you. You also have the right to demand restriction of processing, object to processing and claim the right to data portability.
To exercise your rights, please go to the following web page https://www.nordicchoicehotels.com/terms-and-conditions/terms-and-conditions/right-for-access/ . We will respond to your inquiry to us as soon as possible and no later than 30 days.
We will ask you to confirm your identity or ask you to provide further information before we allow you to exercise your rights in this manner. We must do this to ensure that we only provide access to your personal information to you – and not someone who is claiming to be you.
9. Data protection officer
We are part of Nordic Choice Hotels. Nordic Choice Hotels has its own data protection officer. This data protection officer will be the ombudsman for all hotels affiliated with Nordic Choice Hotels, including for us.
The data protection officer is our point of contact for the Data Inspectorate.
Our officer can also help you safeguard your rights or help answer questions about personal information you have with us.
You can contact our data protection officer at firstname.lastname@example.org.
If you believe that our processing of personal information does not match what we have described here or that we in some way are in violation of privacy laws, you may alternatively appeal to the Norwegian Data Protection Authority or the supervisory authority of the country in which you are staying in a hotel. Information about how to contact the Data Inspectorate can be found on the Data Inspectorate’s website: www.datatilsynet.no.
A cookie is a small text-based data file that is placed on your device (your smartphone, computer or tablet). The cookie helps us to see what type of content and pages are visited on our site. Information stored using a cookie may be things like how the site is used, what type of browser you are using, and which web pages you have visited.
A permanent cookie is left on your device for a certain amount of time. A session cookie is stored randomly in your device’s memory while on our websites. The session cookie disappears when you close your browser. We use both permanent cookies and session cookies. Nordic Choice may also use a third party’s cookies.
If you do not want our websites to place cookies on your device, you can turn off cookies in your browser. Turning off cookies will reduce the functionality of some of our web pages.
11. Personalising your stay with us
THE THIEF wishes to offer our customers the best possible hotel stay according to each guest’s preferences and purchase history.
On the basis of legitimate interests, we will use information we have received from you about your preferences for rooms (such as e.g. “window overlooking sea”, or “quiet room desired”) and information about your purchases with us (“sparkling water” rather than “still water” ») to offer you a more personalised stay.
This information is collected based on your purchases with us and any wishes or requests you express to our employees.
In addition, we will occasionally collect information about you from open sources such as the Internet and social media, but limited to information relevant to offer you a personalised stay with us. The basis for this is legitimate interest.
The information will not be delivered to others.
You can reserve the right against allowing us use of your information for personalising your stay. You can do this by sending an email to email@example.com.
12. Changes in privacy statement or in processing
We are continuously working on developing and improving our services to our customers. This will change the method or extent of our processing of personal data. The information we provide through this privacy statement will therefore be adjusted and updated sporadically. We will also make changes to the privacy statement when new rules or government practices make it necessary.